From: Jim Fenton [mailto:fenton(_at_)cisco(_dot_)com]
Sent: Wednesday, October 13, 2010 3:22 PM
To: Murray S. Kucherawy
Subject: Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments
Here's some text I propose for section 8.14, in place of the current
text. Bear in mind that this is in the context of the Security
Considerations section of the spec, so it is really a discussion of the
threat and how it is dealt with, rather than normative text.
It seems to me you're saying the same thing bis-02 is saying, but with perhaps
less terse language. In particular, bis-02 says "SHOULD NOT validate"
something that's malformed, while you're saying "SHOULD" validate format before
processing. Those sound the same to me, but if people like this expression of
it better then I'm also happy with it.
You're right about splitting the verifier advice out to Section 6. Good point.
And your rewrite of 8.14 is cleaner than what we have now.
I agree that using a MUST is too strong; not only is it a very hard requirement
to achieve but it wanders into the realm of making DKIM modules responsible for
5322 enforcement, and I don't like that at all. Thus I think SHOULD is
appropriate, and MAY is even more so (but I'll settle for the former).
A minor point: I would like your proposed 5.3 and 6.1.1 (should that be 6.1.2?)
text to contain something like "See Section 8.14 for further discussion."
NOTE WELL: This list operates according to