On Thu, 04 Jan 2007 12:23:54 -0000, Stephen Farrell
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:
When we've a reasonable looking alternative, then we can ask the
change/no-change question.
If you simply s/MUST NOT/SHOULD NOT/, then you are saying, in effect:
"When used for the purposes and in the manner envisaged when this standard
was written, then signatures have no need to use this tag other than for
diagnostic purposes. However, if some other purpose becomes apparent, or
some other manner of achieving the needed security is proposed, then we
have left open the possibility that this tag may play a part in it".
So SHOULD NOT is the minimal change. But you could as easily omit all
MUST/SHOULD/MAY stuff and simply explain that "This tag is not intended to
pay any part in the signature verification process when this standard is
used for the purposes and in the manner envisaged. But it is not precluded
that situations may arise where its use may provide security that could
not have been achieved without it".
All of which is somewhat waffly, but it does not commit us to things we
might regret. And, in any case, "MUST NOT" is not enforceable, and there
is no interoperability problem that it prevents, and hence it is a breech
of RFC 2119 to use it.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html