Dave CROCKER wrote:
A number of the latest set of posts indicate that some folks haven't read
RFCX
4871, and I don't mean "carefully". It almost looks as if they haven't read
it
at all. Worse, the point that is constantly being ignored was proffered
quite
clearly in the Errata draft. So it appears they haven't read that document
either.
::snort::
The Errata draft cites the text already in RFC 4871 that specifies a single
output value. The text is not subtle or hidden. It is explicit and clear.
Section 6.3:
6.3. Interpret Results/Apply Local Policy
It is beyond the scope of this specification to describe what actions
a verifier system should make, but an authenticated email presents an
opportunity to a receiving system that unauthenticated email cannot.
Specifically, an authenticated email creates a predictable identifier
by which other decisions can reliably be managed, such as trust and
reputation. Conversely, unauthenticated email lacks a reliable
identifier that can be used to assign trust and reputation. It is
reasonable to treat unauthenticated email as lacking any trust and
having no positive reputation.
What part of "beyond the scope" is so difficult to understand? DKIM
produces a large set of authenticated bits. It's not our job to rank them,
let along pick "one" winner to exclusion of all other bits. Use and
experience will pick those winners, not some ill-conceived errata
trying to rewrite history.
The requirement for specifying a single output is already specified in RFC
4871.
No it doesn't.
Part of the requirement for having a legitimate discussion is that
uncomfortable
facts and considerations have to be dealt with in one's response. If such
data
are ignored, then all one is doing is selling, not discussing. That makes
the
interaction political rather than technical.
This is rich.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html