ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] draft-ietf-dkim-base-08 submitted

2007-01-19 07:40:01
Most of the changes that Eric made should be non-controversial, involving clarifications and tweaking that have helped us (the draft authors and the working group chairs) explain things to the IESG. Regardless, though, of the non-controversial nature of those changes, the chairs would like the working group to review the document fully.

The most changes are in two areas:

The security considerations, where some significant changes went in after discussion with the Security Directorate. We hope these fall into the "non-controversial" category, and we urge the working group to object only with strong reason.

Section 5.4.1, "Recommended Signature Content". Stephen has posted a pointer to the extensive IESG comments, but to summarize: there is concern in the IESG that, given no guidance at all, some signers will create perfectly compliant signatures that no verifier will accept even after verification succeeds, resulting in an interoperability problem. The new version of section 5.4.1 is thus attempting to give minimal advice, which might be modified by more specific signing policies defined later, to alleviate this concern.

Please review and discuss. The chairs would like the group to complete this discussion quickly and efficiently, so that the IESG can send a final draft to the RFC editor very soon. To that end, we're setting the discussion period to a week, and we're asking that we keep any discussion of the -08 draft tightly on track. The point here is not to rehash anything that's already been discussed, to pick again at anyone's pet points, nor to go on about unimportant details. The point is to decide whether with these changes, the document remains a solid protocol that has the rough consensus of this community.

As usual, when you start a discussion thread, don't use this subject line. Use something specific to the topic you're discussing.

A week of discussion -- which ends on 26 January... and starts now.

--
Barry Leiba, DKIM working group chair  (leiba(_at_)watson(_dot_)ibm(_dot_)com)
http://www.research.ibm.com/people/l/leiba
http://www.research.ibm.com/spam

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>