On Thu, 13 Dec 2007 01:34:48 -0000, J D Falk <jdfalk(_at_)returnpath(_dot_)net>
There's still a lot of experimenting to do before we'll be able to call
any authentication-related user interface element a "best" practice.
Those experiments can't occur until DKIM (and probably SSP) has wider
I think the sort of language you would use, having described a
standardized set of features, would be of the form "These features are
*intended* to be used by verifiers in the following manner. ...". Whether
they turn out later to be "best practice" will be clear when "later"
happens. In the meantime, it gives verifiers an indication of what they
should try to achieve, but still gives freedom to imaginative verifiers to
use alternative strategies that will, hopefully, work even better.
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
NOTE WELL: This list operates according to