ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP security relies upon the visual domain appearance

2005-11-22 15:10:47

On Nov 22, 2005, at 11:28 AM, Dave Crocker wrote:

An alternative, for the core document, is merely to note that display of identity-related fields is a highly sensitive aspect of application usability and that consideration of the design issues affecting it are outside the scope of this specification.

Having the core document give ANY normative guidance on user interface design and cognitive processing concerns -- note the draft text says "should" -- or for that matter any guidance at all is not going to help the focus or utility of the document's main purpose.

This consideration depends heavily upon how the core document is used. Not normally constraining associations between an email- address and the signing-domain at the MTA, but instead assuming a "recognized association" may be made at the MUA would be an example of why this guidance could be problematic. I suspect a significant constituency of users would desire such freedom, while also appreciating improved protections.

-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>