Hi Ellen,
Siegel, Ellen wrote:
The list of editorial comments is getting really long, and it's hard to
track which ones are getting accepted into the document. I hope there
will be a chance to review the document once all the various suggestions
are incorporated before it is considered final.
Yes, I guess there'll be a -10 before we can ship it to the AD and
I'm sure the authors will want folks to take a look at that before
we do the write-up (which doesn't tend to happen in nanoseconds
anyway;-). After that there's the time until the draft gets on top
of the AD's in-tray and then more, so I wouldn't worry overmuch about
not having time to check changes.
One particular instance, in reference to Stephen's comment #6 on Section
1.1, 1st paragraph, I disagree with the proposed amendment (see below).
The exchange I had with Dave showed that my suggested text wasn't
as good anyway, so I'd guess this will end up ok from your p-o-v.
I could go along with removing the single sentence "It can also be
created by an independent service that is providing assistance to a
handler of the message.", but I do not agree with the additional editing.
Signing by the author domain is certainly one example of signature, but
far from the only one and even "typical" may be a stretch. And I think
it's important to call out the fact that the domain used for signing may
be independent from that of the author or even that of the signer, since
it may be delegated. The whole point of DKIM is that it allows any
entity to take responsibility for the message, and I think it's
important to retain the text that makes that clear.
In reference to Stephen's comment #2 on the Abstract, I'm not clear why
making an intermediary or agent parenthetical is beneficial. The point
is that it enables stronger authentication of the signer, and the text
in question is just enumerating the possible signing entities.
I tried to answer Dave on that too. Let me know if I didn't cover
this in that response.
Cheers,
S.
Ellen
#6 Section 1.1, 1st para:
The first part of the 1st sentence seems like a tautology -
who else could
create signatures other then someone who handles the message?
What does the "it" refer to in: "It can also be created by
an independent
service that is providing assistance to a handler of the
message." I don't
understand the sentence basically. I'd also suggest
deleting the following two
sentences.
That'd mean changing:
" DKIM signatures can be created by a direct handler of a
message, either as
its author or as an intermediary. It can also be created by
an independent
service that is providing assistance to a handler of the
message. Whoever does
the signing chooses the domain name to be used as the basis
for later
assessments. Hence, the reputation associated with that
domain name is an
additional basis for evaluating whether to trust the message
for delivery. The
owner of the domain name being used for a DKIM signature is
declaring that they
accept responsibility for the message and may thus be held
accountable for it."
to:
" DKIM signatures can be created by any handler of a
message, either its
author or an intermediary. In a typical use of DKIM, the
owner of the domain
name being used for a DKIM signature is declaring that they
accept
responsibility for the message and may thus be held
accountable for it."
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Stephen Farrell
Sent: Wednesday, March 26, 2008 1:43 PM
To: ietf-dkim
Subject: [ietf-dkim] New Issue: various overview editorial suggestions
I'm still not done with this, but since I'm already late
its probably worth sending these suggested changes out
now. Feel free to ignore or take 'em & sorry if they
overlap with recent list discussions.
And of course, these are just my comments as a vanilla
participant, not as chair or shepherd (that's Barry this
time btw).
I'll try get the rest of this reviewed in the next day
or two, so more apologies (this time in advance:-) for
those even later comments.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html