That document is half-submitted. You need to go to that link yourself and complete the form before it will actually post to the datatracker.

-MSK

I have some comments to kick things off, mostly editorial, not to the
substance of the proposal. You might consider these and work up an
-01 version, while others are working on their comments on the
substance:

-- Abstract --
This document contains a plan for how providers of email services
can manage the problem of email abuse over IPv6. Spammers can
send mail from a very large range of IPv6 addresses, and this will
make current antispam technology less effective.

Be careful about making it sound like you think you have the FUSSP. I
suggest "manage one aspect of the problem", or some such, and "current
antispam blocklisting technology".

Later in the abstract: "interim transition" seems a bit redundant to me.

-- Sections 1.x --

I suggest that you try to use terms from RFC 5598, and cite that as a
normative reference. Your definition for "email", for example, is
fluffy, and in this document it really means "SMTP mail" anyway.
Don't try to re-invent terms, when we have a good reference set up
already.

-- Section 1.8 --

I suggest you use RFC 5782 as a (normative) reference for IP
black/white listing, and cite it here and in Section 2.

-- Section 2 --

In IETF terms, IP is not "transport" (TCP is transport, and IP is at a
lower stack layer). I suggest that you change things like
"transitioned from an IPv4 transport to that of IPv6," to simply
"transitioned from IPv4 to IPv6," and "when operating using IPv4 as a
transport mechanism," to "when operating over IPv4."

OLD
By rotating through IPs quickly, a blocklist would always
be one step behind spammers and lose its effectiveness.
COMMENT
The referent is wrong here -- the blocklist is not what's rotating
through the "IPs", and they're IP addresses anyway.
NEW
By rotating through IP addresses quickly, a spammer would
always be one step ahead of the blocklists, and the lists
would lose their effectiveness.

(I similarly suggest that you look around at where else you should be
saying "IP address", "IPv4 address", and "IPv6 address", where the
word "address" is absent now. It doesn't have to be in every place,
but things would be clearer if it were in most places.)

-- Section 3 --
The second paragraph is a good example of what I noted parenthetically
above: I would use "IP addresses" for all instances of "IPs" here. In
the second sentence, the comma needs to be a semicolon. The third
sentence feel awkward, and I suggest this:
OLD
IPs on this
whitelist are there because they send email over IPv6 intentionally,
not because they are part of a botnet and are sending email without
the computer owner's consent.
NEW
IP addresses on this
whitelist are there because they send email over IPv6 intentionally,
and are not sending email without the computer owner's consent, as
part of a botnet.

You say "known good IP [addresses]", but say nothing about how they're
known to be good. Perhaps simply a forward reference to Section 4
would be nice.

In the third paragraph, I suggest not using "content filter" as a
compound verb. Try rephrasing (perhaps "filter the mail by content").

-- Section 4 --
This seems to say that whitelisting will always be symmetric: "once
one party or both parties have agreed to whitelist each other". I
know you don't mean to say that, so you might rephrase to be clearer.
In fact, you and I might not even know each other, but I might be
relying on your reputation from some other source when I add you to my
whitelist... and you wouldn't know I had done it nor consider adding
me to your whitelist at all. Just focus on a receiving end
whitelisting a sending IP address.

-- Section 5 --
At some point, we'd have to look at issues that are specific to IPv6
whitelists, but for now, you should cite the security considerations
in RFC 5782, note that much of that applies here, and note that
v6-specific considerations need to be addressed as the document is
developed.

-- Section 6 --
Expand "PII" on first use.

Second paragraph: "As noted"... where?

-- References --
I would say that RFC 5321 is normative.

You have references to RFCs 1958, 4213, and 5211, with no citations to them.

--
Barry