ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM charter

2005-11-14 19:42:24
The parenthetical seems to be a bit misplaced, and might fit better to the use of the word "legitimate". This might read more easily if broken into two sentences.

Actually, the content and placement of the parenthetical is due to an
attempt to correct a misunderstanding followed by awkwardness, when there
were two sentences.  :-)  Unless others think it's unclear, I'd rather
leave it as it is (though it's surely not Shakespeare).

Detection of spoofing is indirect at best; I'd prefer that we emphasize the ability of DKIM to rule out spoofing.

I kind of agree, but I'd rather not change that bit of text, which is
another that we modified a couple of times before settling on that.

I really like your suggestion in http://mipassoc.org/pipermail/ietf-dkim/2005q4/001359.html that we move away from the word "policy" and use "declaration". Should we do that here as well?

Thank you.  I looked at the text here, and there are only two places
where we say "policy", and I can't see a good way to turn either of
those directly into "declaration" without changing what they mean.
The first says, "and to publish 'policy' information about how it
applies those signatures."  I could make it, "and to publish declarative
information about how it applies those signatures," or simply, "and to
publish information about how it applies those signatures."  What do you
(plural) think?

The second one is in the definition of the deliverable, so I could
change that from, "A standards-track specification for DKIM policy
handling," to "A standards-track specification for DKIM signing
declarations."  That changes it significantly, and it worries me to
change the charter text so much -- and the actual content of the document
is quite up-in-the-air right now anyway.

Maybe we should leave the charter text as it is, and wait until we start
beating on the document before we decide whether we want to call it
"policy" or "declaration" or "bad thing that we've decided not to do
after all."

I got a little confused by the use of "standards-track specifications" here, because the threat analysis is done before any standards-track specifications exist. Should it say "DKIM specifications" instead?

Really?  You don't think it's clear that it means "the standards-track
specifications that we mentioned in the previous paragraph"?  Well, I
changed it to say "proposed standards-track specifications" in my copy.
Is that better?

Last sentence: "or" -> "nor"

Yep; changed.

The specs will also advise mailing lists on how to take
advantage of DKIM if they should choose to do so.

"specs" (which should probably be spelled out) is plural. Is that to say that all of the documents will say something about mailing lists?

(I've spelled it out now, in my copy.)
Of course it doesn't mean to say that; it means that, collectively, the
documents will say that.  It doesn't mean to define, at this point, which
document(s) will do it.

The current drafts have two DKIM RRs, one for keys and another for "policy". So that should be Resource Records.

Changed.

Barry

--
Barry Leiba, Pervasive Computing Technology  
(leiba(_at_)watson(_dot_)ibm(_dot_)com)
http://www.research.ibm.com/people/l/leiba
http://www.research.ibm.com/spam
_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>