Michael Thomas wrote:
Of course, SSP also includes guidance on unsigned messages.
That and "organization" gives a lot more legitimacy to the kind of third
parties that SSP is trying stop. But this whole formulation is problematic
though. Better is:
SSP is an organization's attempt to *inform* receivers what its practices
are so that receivers can make better disposition decisions about mail
purporting, but without DKIM substantiation, to have originated from that
organization.
Orwell is getting a lot of discussion, these days. As well he should. The
tendency to deny or re-cast the meaning of simple, basic words has become
common.
I will therefore suggest careful consideration that:
handling= Non-compliant message handling request for the domain
(plain-text; OPTIONAL). Possible values are as follows:
process Messages which are Suspicious from this domain SHOULD be
processed by the verifier, although the SSP failure MAY be
considered in subsequent evaluation of the message. This is
the default value.
deny Messages which are Suspicious from this domain MAY be
rejected, bounced, or otherwise not delivered at the option of
the verifier.
is nothing so passive as "informing" receivers about a potential signer's
practices.
Language like "message handling request" is requesting a specific behavior by
the receiver.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html