[ppml] Policy Proposal 2007-2 - Last Call
Member Services
info at arin.net
Wed Apr 25 16:01:39 EDT 2007
- Previous message: [ppml] Policy Proposal 2007-4 - Last Call
- Next message: [ppml] Policy Proposal 2007-5 - Abandoned
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Policy Proposal 2007-2 Documentation of the Mail-From Authentication Method The ARIN Advisory Council (AC), acting under the provisions of the ARIN Internet Resource Policy Evaluation Process (IRPEP), determined that there is community consensus in favor of the proposal and moved it to last call. The AC made this determination at their meeting at the conclusion of the ARIN Public Policy meeting on 24 April 2007. The Chair of the AC reported the results of the AC meeting during the Members Meeting. The AC Chair's report can be found at: http://www.arin.net/meetings/minutes/ARIN_XIX/mem.html The policy proposal text is provided below and is also available at: http://www.arin.net/policy/proposals/2007_2.html Comments are encouraged. All comments should be provided to ppml at arin.net. This last call will expire at 23:59, Eastern Time, 9 May 2007. The ARIN Internet Resource Policy Evaluation Process can be found at: http://www.arin.net/policy/irpep.html Regards, Member Services American Registry for Internet Numbers (ARIN) ##*## Policy Proposal 2007-2 Documentation of the Mail-From Authentication Method Proposal type: New Policy term: Permanent Policy statement: DELETION FROM THE NRPM 12.1 Mail-From This section intentionally left blank. ADDITION TO THE NRPM 12.1 Mail-From Mail-From is the default authentication method by which registration records are protected from vandalism. If a registrant fails to designate a more secure method, any subsequent email which bears the sender address of an authorized Point of Contact may be deemed authentic with regard to the registrant's records. Since it is trivial to forge a sender address, Mail-From should not be regarded as secure. Use of Mail-From authentication is not recommended to any registrant who has the means to implement either of the more secure cryptographic authentication methods. Rationale: This policy complements the previously-proposed "Reinstatement of PGP Authentication Method" which introduces section 12 to the NRPM. Section 12 relates the existence of three authentication methods. Two of those, mail-from and X.509, were preexisting but not documented within the NRPM. This policy proposal simply seeks to provide brief documentation of the existence of the mail-from authentication method. Because the specific wording of the documentation may be subject to debate, and is in no way interdependent upon the documentation of the other two methods, it is being proposed in a separate policy, so that consensus may be more easily reached. Timetable for implementation: Immediate
- Previous message: [ppml] Policy Proposal 2007-4 - Last Call
- Next message: [ppml] Policy Proposal 2007-5 - Abandoned
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the PPML mailing list