Hi, the following "overview" paragraph is somewhat unclear:
| Historically, email delivery assessment decisions have
| been based on an identity that used the IP Address of
| the system that directly sent the message (that is, the
| previous email "hop"), [RFC4408] or on the message
| content (e.g. [RFC4406] and [RFC4407]).
RFC 4405..4407 are an example of, generally speaking, using
the message content, but actually they are based on the PRA
as defined in RFC 4407, determined by looking at the header.
The SMTP extension "submitter" in RFC 4405 is in essence a
shortcut and irrelevant for a DKIM overview memo, but using
correct terminology for PRA makes sense, proposal:
[...]
| content (e.g. the "Purported Responsible Address" defined
| in [RFC 4407] as used in [RFC 4406]).
RFC 4406 + 4408 are not limited to identities related to the
IP of the client, if they use the exists-mechanism. IMHO it
would be clearer to enumerate the relevant identities:
* direct uses of the IP (e.g. DNSBLs, inserting a reference
to the ASRG DNSBL draft if it is ready in time)
* uses of the HELO-identity (e.g. in [RFC 4408] policies,
or 'iprev' in [I-D.kucherawy-sender-auth-header])
* uses of the envelope sender address (e.g. in [RFC 4408])
* PRA (see above)
The overview memo has a reference to sender-auth-header,
mentioning 'iprev' should be no timing problem. Maybe we
can agree that DKIM+ADSP is supposed to play in the same
field as PRA, and while I dare not say "replace PRA" it is
IMO still relevant to spell its name out.
Frank
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html