-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Let me reply with a "Yes, but."
It's far more likely that an unused feature will remain fallow than
anything else. The interoperability issues you mention are real, but
the usual effect is that the unused feature remains unused, not that
it breaks things.
Nonetheless, you and I are of different styles on that issue, and I
always see your point even when I disagree.
So let me say that I basically agree, I would only repeat what I'd
said before that the burden of proof lies on those who would define a
feature to be unused.
That burden of proof is usually not hard. If it's genuinely unused,
one only has to listen for silence.
It gets more difficult when someone *plans* to use a feature. More
than that when there's a debate about how useful a feature a feature is.
The debate we're having about h= and k= falls into that latter
category. There is no technical reason to keep them. However, there's
a feel-good aspect to them. The explanation of why there's no
cryptographic need for them is complex. I've made it, Barry's made it,
and yet there are people who want it.
In properly-running code, there's utterly no reason for either.
However, some people don't feel good about it, and they have a point,
albeit one I'm making better than they are.
Cryptographically, the cross-key-type error that they prevent are
effectively impossible. (And if they're *actually* possible, then
there are many scarier problems than a DKIM problem.) However, they
enable a sufficiently clever programmer to have an extra level of
safeguard against a software error that could cause a catastrophic
failure of the *system*, not the cryptography.
While this is indeed unlikely, what's wrong with having an extra
safeguard that makes people feel better about DKIM as a protocol?
That's why I'm saying, "yes, but."
There are plenty of ways to answer these questions, but I still think
that we still end up with a principle that the more controversial a
feature is, the more it should stay. I'm all for cutting the things we
decide in some rough consensus were better ideas two years ago than
they are now. I'm just saying that the presence of discussion is a
reason to just leave it. The controversy will end up with either the
feature being used, or the lack of use becoming manifest.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.6.3
Charset: US-ASCII
wj8DBQFKOBnJsTedWZOD3gYRAhbvAKCYAFEy2Tb6YR5w/I5LiADCj3MgOACgyM93
it89ZRGsobkBU2aKtKV9qiI=
=iMyL
-----END PGP SIGNATURE-----
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html