--- Ned Freed <ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
More generally, I think the "simple" approach does too little
The thinking behind c=simple is that it's a desirable target we might be able
to reach in the future.
If we assume for the moment that email signing becomes pervasive, then the
trend will hopefully be towards constraining arbitrary modifications of email
in-transit and thus make c=simple feasible.
However, if we don't define the desired target in a base specification then
it's unlikely to be ever defined as the incremental upgrade will have little
motivation to push deployment.
IOW, if we don't define the desired end-point now, then it'll never be
deployed.
For our part, as a relatively large email provider, I can envision a policy of
sending a proportion of email with c=simple as a "canary test" to monitor
survivability. The point being to create a steady stream of c=simple traffic to
ensure implementations work with it.
So, perhaps the questions to ask are:
o Do we need an aspirational like c=simple?
o Do we believe that email signing will trend us in that direction?
o Do we believe that that aspirational needs to be in the base to have a good
chance of wide-spread implementation?
As a druthers, the original DK definition of c=simple was purer in the sense
that there was not even a h= taq. It more or less desired that email would
trend towards no in-transit modifications whatsoever.
Mark.