I had a similar thought, but there's also the timing issue, the folks
who wanted this done also wanted it early in the process.
And therein lies the real problem: A collection of people outside the
constituency that wants to USE this output are pressing to explore a variety
of "requirements" for upfront analysis about possible output.
We could spend an infinite amount of resources and time dealing with the
infinite number of ways DKIM can be misunderstood and misused.
While it is always useful to try to guard against the truly likely problems
with a specification (and the service using it) it is simply not reasonable
to place an upfront requirement to do this before the actual technical work
is authorzed.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org