Re: DMARC -> CERT?

[Miles Fidelman <mfidelman () meetinghouse net>]

Christopher Morrow wrote:
> On Mon, Apr 14, 2014 at 4:44 PM, Scott Howard <scott () doc net au> wrote:
> > On Mon, Apr 14, 2014 at 1:39 PM, Christopher Morrow
> > <morrowc.lists () gmail com> wrote:
> > > On Mon, Apr 14, 2014 at 4:34 PM, Matthias Leisi <matthias () leisi net>
> > > wrote:
> > > > They could have communicated, as in "listen folks, we are going to make
> > > > a
> > > > critical change that will affect mailing lists (etc...) in four weeks
> > > > time".
> > > communicated it where?
> >
> > "The Internet".
> I was trying, really, to be not-funny with my question.
>
> if you're going to do something that has the potential to affect (say,
> for example) email to a wide set of people, most of which are NOT your
> direct users, how do you go about making that public?
>
> 'the internet' isn't really a good answer for 'how do you notify'.
> Doug's note that: "email mailops" is good... but I'm not sure how many
> people that run lists listen to mailops? (I don't ... i don't run any
> big list, but...)
>
> I also wonder about update cycles for software in this realm? and for
> very larger list operators there's probably some customization and
> such to hurdle over on the upgrade path, eh? so how much leadtime is
> enough? how much is too much? 1yr seems like a long time - people will
> forget, 1wk doesn't seem like enough to avoid firedrills and
> un-intended bugs.
>
> > A blog entry and a post to a few key relevant mailing lists would have
> specifically which mail-lists?

How about the support lists for all the email list packages they could 
think of - let's start with mailman, majordomo, listserve, listproc, 
sympa, ezmlm, .....

Might have been nice if they'd offered some support for patching the 
open source ones.

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra