----- Original Message -----
From: "wayne" <wayne(_at_)schlitt(_dot_)net>
To: "IETF DKIM WG" <ietf-dkim(_at_)mipassoc(_dot_)org>
Personally, I really don't much like the "WEAK", "EXCLUSIVE",
"STRONG", etc. mnemonics. I guess they try to describe the quality of
the policy, rather than decribe the function that they create.
With the exception of NONE, EXCLUSIVE, NEUTRAL and USER, I agree that WEAK
and STRONG need qualification (explanation) during a conversation or
reading. "What do you mean by STRONG or WEAK?"
I think decribing the function would be better.
Subjective argument: Administration vs Developer. I believe the terms is
for communications between "people". I wasn't personally expecting these or
any other literal to be used in a protocol.
I also think that the descriptions of the policies aren't
particularly clear. For example, I could see many people
considering "WEAK" to be a stronger policy than "STRONG"
because it excludes third party signatures.
True, see above.
I think breaking them out into at least two keywords will lead to
clearer names.
Right, but again, two different mindset of ideas I believe.
On the technical side (protocol), the only problem I see with it, is the
added pressure into the protocol. We have more entry points. Just look at
the table produced by Frank, he had #2 possible modes that are NOT expected
by the protocol. This requires protocol logic to eliminate any sender
attempt to use these "black hole" modes. The new entry points are threats
if not closed.
By using the current specification, you lock in the logic. If we stick with
a single character combo concept, then you have 256 possible policies. Do
you think we will have 256 policies 5, 10, 20 years from now?
I personally have no problem with the breakout, just keep in mind that it
does open some threat entry points that needs to be closed.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
ietf-dkim mailing list
http://dkim.org