The IETF (Internet Engineering Task Force) has disbanded
its antispam working group, Marid (MTA Authorization Records In
DNS) working group, because of an intellectual-property row
surrounding Microsoft's Sender ID proposal.
The decision, announced by co-area director Ted Hardie, means
the end for the IETF's original plan to back a single standard for
authenticating the senders of e-mail messages, a way of stemming
the address forgery commonly exploited by junk e-mailers and other
scam artists.
Those participating in the effort are to put their various
antispam proposals into practice, gathering information that could
lead to another IETF standardisation effort. Other options include
the creation of a standard by an industry organisation or the
co-existence of several standards.
"Concluding a group without it having achieved its goals is
never a pleasant prospect, and it is always tempting to believe
that just a small amount of additional time and energy will cause
consensus to emerge," Hardie said.
"After careful consideration, however, the working group chairs
and area advisor have concluded that such energy would be better
spent on gathering deployment experience."
Marid was originally created in the expectation that engineers
could produce a standard fairly quickly but the IETF did not count
on the lack of deployment experience in the real world and
intellectual property conflicts.
"Technical discussion of the merits of these mechanisms has not
swayed their proponents and what data is available on existing
deployments has not made one choice obviously superior," Hardie
said.
Opinions finally began to coalesce around Microsoft's Sender ID
proposal, a combination of the company's own Caller ID for E-mail
and a separate technology called SPF. But many open-source groups
criticised Microsoft's licensing terms and the company's vagueness
about pending patents that could have given Microsoft a claim on
Sender ID technology.
In its current form, critics said, the proposal could have given
Microsoft patent control over part of the Internet's basic
infrastructure. Shortly after America Online announced it would not
be supporting Sender ID, Marid finally rejected the proposal.
"Assessments have been difficult in part because they have been
moved out of the realm of pure engineering by the need to evaluate
[intellectual property rights] and licensing related to at least
one proposal," Hardie said.
With a 4 August milestone long past, and no immediate prospect
of achieving it, project leaders decided to disband the working
group and instead try to gather real-world data that could help
make one of the proposals stand out as the obvious choice.
Hardie asked the editors of the various working group drafts to
submit their proposals for Experimental RFC status, to be reviewed
by a specially formed directorate. When the directorate is formed
it will be publicised on the IETF's website.
Industry pressure is growing for a standardised
sender-authentication system, with technologies such as SPF already
in use.
In a June report by the US Federal Trade Commission (FTC), the
FTC suggested the US government could mandate such a system if it
decides to create a national registry of users who have requested
not to receive junk e-mail. The US has already created such a
registry for blocking advertising phone calls.
Matthew Broersma writes for Techworld.com