+1
Bill Oxley
Messaging Engineer
Cox Communications, Inc
404-847-6397
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org on behalf of Jon Callas
Sent: Fri 2/13/2009 7:03 PM
To: DKIM Chair
Cc: DKIM Mailing List
Subject: Re: [ietf-dkim] Status and direction
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Barry,
I think that we're dealing with a false dichotomy between a straw man
and beating a dead horse with a red herring.
4871 is in my opinion as an author clear about i=. You have but to
read it and the informative notes. One might think it's amorphous, but
it's at least an explicit amorphousness. It survived a rough
consensus, at least implicitly. I will summarize 4871 as "signers can
do whatever makes sense to them, receivers have to live with that." If
Aleister Crowley were around, he would have said that the law around
i= is "do what thou wilt."
There's nothing wrong with a bunch of people saying, "Hey, if we all
define i= to have format FOO, then we get benefit BAR" and then doing
that. That includes using i= as a signaling mechanism to the receiver.
However, that agreement is closer to BCP than to a mandate, because
4871 intentionally says what it says. There's nothing wrong with ASDP
or anyone else deciding to do what they want, because that's what 4871
says! Do what you want. But that is a practice, not a mandate.
However, this completely ignores the most important feature of 4871:
you can sign any header you want. If ADSP or anyone else wants the
force of mandate, it is better and simpler to create a new header and
sign that. Let me suggest that you could introduce a "DKIM-I" line,
put whatever ADSP wants in it, sign that, and Bob's your uncle. You're
done.
There is utterly no reason to create a 4871bis to redefine i=. It's a
waste of everyone's time. The correct answer is to expand the protocol
through the defined expansion mechanism! If people don't like a signed
header, then make a new DKIM-Signature Header Field (c.f. section 3.5
of 4871). I suggest picking "y=". My reasons are that "y" is known
sometimes as a "Greek i" and "y not?" All ADSP needs to do for this
one is a simple global-search-and-replace of "i=" to "y=" and Alice is
your auntie. You're done.
This same principle holds for other people who aren't happy with the
precise semantics of i=, d=, g=, or anything else. Make a header and
sign it, or stick a new field into the DKIM header. It's *that*
*simple*!
If we want to clarify the i= semantics in errata, sure. Whatever. But
all the people who want i= to be something it isn't are much better
served by making what they want than by trying to pretend that i= is
the same shape as the peg they are holding in their hand. It isn't.
Make a new hole to fit that peg, and we will all be much happier.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFJlfyIsTedWZOD3gYRAjW5AJ9hv13AZF8h5988gWT3okKe6MMbFQCbB4v9
IM7XOCIV5g2Hpb9sVbjBs0U=
=dKg5
-----END PGP SIGNATURE-----
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html