The list of editorial comments is getting really long, and it's hard to
track which ones are getting accepted into the document. I hope there
will be a chance to review the document once all the various suggestions
are incorporated before it is considered final.
One particular instance, in reference to Stephen's comment #6 on Section
1.1, 1st paragraph, I disagree with the proposed amendment (see below).
I could go along with removing the single sentence "It can also be
created by an independent service that is providing assistance to a
handler of the message.", but I do not agree with the additional
editing.
Signing by the author domain is certainly one example of signature, but
far from the only one and even "typical" may be a stretch. And I think
it's important to call out the fact that the domain used for signing may
be independent from that of the author or even that of the signer, since
it may be delegated. The whole point of DKIM is that it allows any
entity to take responsibility for the message, and I think it's
important to retain the text that makes that clear.
In reference to Stephen's comment #2 on the Abstract, I'm not clear why
making an intermediary or agent parenthetical is beneficial. The point
is that it enables stronger authentication of the signer, and the text
in question is just enumerating the possible signing entities.
Ellen
#6 Section 1.1, 1st para:
The first part of the 1st sentence seems like a
tautology - who else could
create signatures other then someone who handles the
message?
What does the "it" refer to in: "It can also be created
by an independent
service that is providing assistance to a handler of the
message." I don't
understand the sentence basically. I'd also suggest
deleting the following two
sentences.
That'd mean changing:
" DKIM signatures can be created by a direct handler of
a message, either as
its author or as an intermediary. It can also be
created by an independent
service that is providing assistance to a handler of the
message. Whoever does
the signing chooses the domain name to be used as the
basis for later
assessments. Hence, the reputation associated with that
domain name is an
additional basis for evaluating whether to trust the
message for delivery. The
owner of the domain name being used for a DKIM signature
is declaring that they
accept responsibility for the message and may thus be
held accountable for it."
to:
" DKIM signatures can be created by any handler of a
message, either its
author or an intermediary. In a typical use of DKIM,
the owner of the domain
name being used for a DKIM signature is declaring that
they accept
responsibility for the message and may thus be held
accountable for it."
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Stephen Farrell
Sent: Wednesday, March 26, 2008 1:43 PM
To: ietf-dkim
Subject: [ietf-dkim] New Issue: various overview editorial suggestions
I'm still not done with this, but since I'm already late
its probably worth sending these suggested changes out
now. Feel free to ignore or take 'em & sorry if they
overlap with recent list discussions.
And of course, these are just my comments as a vanilla
participant, not as chair or shepherd (that's Barry this
time btw).
I'll try get the rest of this reviewed in the next day
or two, so more apologies (this time in advance:-) for
those even later comments.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html