On May 27, 2010, at 12:29 PM, Roland Turner wrote:
On 26/05/2010 23:40, Brett McDowell wrote:
This is a good example of a tradeoff that I think would benefit from some
agreed upon principles. If we agreed to the following two principles, I
think we'd all find a lot more common ground:
1) Authenticated email is optional, not required
2) We desire to fully enable the functionality of the authenticated email
ecosystem, but
3) We will do nothing with the authenticated email architecture that forces
non-participating email stakeholders harm/breakage/errors
That would be three principles, and I think they're sound.
This does leave us somewhere rather unpleasant for:
- sender from a discardable domain sends to a mailing list, despite the
advice being not to
- the MLM is a non-participant
- a subscriber is rejecting messages which fail DKIM authentication
(conservative stance: avoid silent failures causing mail loss)
- the MLM unsubscribes the recipient for [multiple] refusals
In this case, a participating-but-conservative receiver cops collateral
damage because of incorrect/ill-advised behaviour by a sender. This is
an undesirable outcome.
I'd strengthen #3 with unrelated harm/breakage/errors should not arise
from participating stakeholders behaving conservatively.
- Roland
Why not simply clarify this in the currently underway DKIM-BCP? Then we don't
have to have the caveat in our three guiding principles. Our principles will
assume all stakeholders (participating in authentication or not) are reading
and following our BCP guidance. Is that a fair position for us to take?
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html