David Berlind of ZDNet News says in “Catastrophic Loss for unencumbered Standards” that the IETF working group on the most promising mail authentication system has been shut down, due to technical and business differences among its participants, plus it seems Microsoft is trying to patent the solution the working group was working on.

That leaves Meng Weng Wong’s Sender Policy Framework (SPF) as the main non-proprietary solution in this space, not to mention the most widely adopted.

Berlind calls for the Internet mail industry to follow the precedent of the financial industry, in which the principal vendors banded toegher and set a de facto standard for Electronic Funds Transfer (EFT).

One of the most likely groups to do this has been meeting in DC yesterday and today: the Anti-Phishing Working Group. Both Meng Weng and someone from Microsoft are there, as well as representatives from many well-known Internet security companies and many companies affected by phishing and spam.

I don’t see an industry-wide standard coming out of this meeting, but there are more meetings planned in short order….

-jsq

PS: Thanks to Bruce Sterling for blogging about Berlind’s article.