The threat analysis is really a requirements document. It neither rules
in or rules out the use of things not currently in the DKIM
specification,
For any complex and interesting topic -- of which this is most certainly one
-- it is never possible to make complete lists that explain all of the
open-ended issues. So we are certain to have the document always be guilty of
leaving something out.
Hence, I suggest we agree to make a very clear distinction between 1) Things
that are in the document with which people take exception, vs. 2) Things
people would like to add to the document.
The first means correcting errors. The second means expanding the scope of
the document.
Note that the essential word in #2 was "add". Rather than criticize the
document for what it lacks, people need to make affirmative and concrete
proposals for what to add. If others agree, then it probably should be added.
If others do not voice support for the addition, then it should not be added.
d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
http://dkim.org