On 2/4/08 at 3:08 AM +0100, Frank Ellermann wrote:
Hi, on the DKIM list a poster claimed that Sender is OPTIONAL.
Of course, that's obviously false. Sender is not OPTIONAL (defined in
section 5 of RFC 2119). There are cases where it is REQUIRED (section
1 of 2119) and cases where "there may exist valid reasons in
particular circumstances to" not have a Sender, "but the full
implications must be understood and carefully weighed before choosing
a different course" (section 3 of 2119). As you say:
1: from multiple authors => MUST (table 3.6 and in 3.6.2)
2: one author = transmitter => SHOULD NOT (redundant, 3.6.2)
3: otherwise SHOULD (3.6.2)
I don't get case (3), why is it only a SHOULD ? For anything that's
not covered by (2: one author = transmitter) I'd expect a MUST:
- Otherwise, both fields SHOULD appear.
+ Otherwise, both fields MUST appear.
What could be a plausible excuse to ignore the SHOULD in (3) ?
Two that I can come up with off the top of my head:
- The agent responsible for the actual transmission of the message is
the company lawyer who vets every e-mail message before sending it
out. But the lawyer's identity should not be revealed to the rest of
the world for security reasons.
- The agent responsible for transmission is *really* hard to
determine. A particular system may have an audit log which can figure
out who sent it later, but that information is unavailable when the
message itself is being sent.
It certainly lowers interoperability to not have a Sender when there
is a single author and we know the transmitter is different from the
author, but only insofar as we have lost information. But it does not
eliminate interoperability. Not having a Sender when there are two
authors *definitely* can damage interoperability since you simply
*can't* determine any value for the Sender.
pr
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102