] Authentication, authorization and accreditation each can be useful.
] Because accreditation involves new functional territory for Internet
] mail, the validation specification will first provide for private
] accreditation techniques, such as privately maintained whitelist and
] blocklist tables.
^^^^^^^^^
blacklist?
This language went in because Dave Crocker wanted it, over my mild
objections. Dave assured me there would be significant stress induced
by opening the accreditation issue; and I agreed to shut up.
Nonetheless, "blocklist" usually means fitering CIDR blocks of IP
addresses; while I suspect we need to at least _allow_ private listing
of EHLO domains which individual sites choose not to trust.
I'm still not convinced it makes sense to partition our work along
these lines. The DNA portion of CSV is _quite_ minimalist: merely
_allowing_ a standard method for listing of accreditation service(s)
which favorably rate the (EHLO) domain, and not requiring receivers to
pay any heed to these listings. IMHO, we'd be poorly advised to deploy
CSV without that much.
(We'd also, IMHO, be poorly advised to try to nail down a "solution"
to any particular "spam" problem through accreditation standards.)
--
John Leslie <john(_at_)jlc(_dot_)net>