Dave CROCKER wrote:
Sean Shen wrote:
I don't understand why use "and/or" here. Will eventually be an "and" or an
"or"? Using both is confusing expecially when there is a "MUST" in this
sentense.
It's from the RFC, Section 6.3:
"Once the signature has been verified, that information MUST be
conveyed
to higher-level systems (such as explicit allow/whitelists and reputation
systems) and/or to the end user."
The goal of the Errata has been only to fix the d=/i= issue and not attack
other
issues with the RFC.
d/
I believe these concern are right on target. You indicated people are
confused, even knowledgeable ones. Well, this is part of the
confusion with i=.
Before you can enforce a MUST, the d=/i= relationships and usage MUST
be well defined and understood by everyone - hopefully equally.
What do you mean by MUST? That a DKIM implementation MUST also
implement a white list, reputation system, and if you don't, at the
very least MUST be presented to the user? How is the MUST employed?
What do you mean by convey - processed by, filtered by a WhiteList ,
Reputation system, but displayed to the USER?
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html