1.) Authors of software
MUST be able to reject, accept, accept with identifiers any failure to
verify, extensible to all conditions
Thanks,
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hallam-Baker,
Phillip
Sent: Tuesday, August 08, 2006 11:51 AM
To: Stephen Farrell
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: RE: [ietf-dkim] SSP requirements
OK a new point, the SSP requirements need to be addressed to different
audiences:
1) Authors of software
2) Operators of software.
It seems to me that a lot of points here are only discussing the second
and thus we end up with more heat than light as there is considerably
greater variation in operational situations than many expect.
The specification is going to be written primarily for the authors of
the software rather than operators.
So many times a MUST is going to be 'a compliant DKIM verifier MUST
allow configuration X'.
I think it is reasonable to state that a compliant package MUST NOT
reject verification failures out of hand. Whether that is possible is
another issue since it is a policy issue and MUST is generally reserved
for interface compatibility issues.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html