OK a new point, the SSP requirements need to be addressed to different
audiences:
1) Authors of software
2) Operators of software.
It seems to me that a lot of points here are only discussing the second and
thus we end up with more heat than light as there is considerably greater
variation in operational situations than many expect.
The specification is going to be written primarily for the authors of the
software rather than operators.
So many times a MUST is going to be 'a compliant DKIM verifier MUST allow
configuration X'.
I think it is reasonable to state that a compliant package MUST NOT reject
verification failures out of hand. Whether that is possible is another issue
since it is a policy issue and MUST is generally reserved for interface
compatibility issues.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html