On Feb 8, 2008, at 11:28 AM, Steve Atkins wrote:
On Feb 8, 2008, at 11:18 AM, Eric Allman wrote:
Doug,
I am in no way married to the word DISCARDABLE. We used it in
SSP-02 because it matched ASP.
It has occurred to me that we've spent FAR too much time arguing
about exactly what word to use. I'm deeply tempted to switch to
numbers, special characters, or random gibberish strings so that
people have to read the actual description.
It's an assertion that the sender would prefer that the recipient
not deliver some small fraction of legitimate email as well as some
small fraction of illegitimate email, rather than delivering those
small fractions of legitimate and illegitimate email.
This is not an assertion likely suitable in many cases where
exclusivity is being attempted. The recommendation of a verifier's
actions happens to be wrong for many of these cases where exclusivity
is being sought.
In the senders opinion, it is more important that mail claiming to
be from them not be delivered than for it to be delivered.
The english meaning of "discardable" matches the semantics pretty
well. If we want implementors to easily understand and deploy the
specification, and more importantly the limits of them doing so,
thats fairly important.
Disagree. Not delivering a message does _not_ mean discard.
Return to terminology that describes the intended actions of the
signing domain. This avoids recommendations almost certainly wrong at
this point. Leave this for a later BCP.
Even if assertions were "SSP_X", the draft still needs to define the
meaning of the assertion. Defining the meaning in terms of verifier
actions makes such definition incredibly premature.
Instead, define assertions based upon the signing domain's
intentions. Exclude verifier recommendations (leave this to Hector's
BCP). Assume verifiers are seasoned professionals.
Do not imply an assertion represents advice that removes RFC 2821
delivery assurances.
exclusive:
All mail from the domain is signed with an intent to
avoid agents that may damage or remove signatures.
If the removal of delivery assurances happens to be the goal, make
this a separate assertion at the very least. Don't expect all high
profile domains wish to suffer a reduction in delivery integrity when
attempting to better protect their domain's recipients.
transitory:
All mail from the domain is signed. All information
contained in messages is transitory and can be discarded
when lacking a valid Author Signature.
BCP to follow.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html