On 08/30/2010 10:13 PM, Dave CROCKER wrote:
On 8/30/2010 1:10 PM, Rolf E. Sonneveld wrote:
I'd suggest that the second item actually be a normative
specification of
value-added features. This requires a change to the charter, and so
it would
have to wait until completing the current charter.
can you elaborate on what, in your view, would be part of this normative
specification?
merely as an example, I'll cite the usage of DKIM for subscription and
submission validation that has been mentioned a few times. Formally,
using DKIM that way is almost certainly a value-added semantic that
goes beyond the semantics of the DKIM signing specification. That's
ok to do, but requires a normative spec to define the behavior and
meaning.
Can we say anything normative about subscriptions and submissions when
the From address (even if DKIM signed- and verified OK) does not
necessarily say anything about the identity of the sender?
Or, vice versa, can we put more trust/faith in the From address if the
domain in the From address is equal to the d= domain value?
I assume you mean with subscription and submission validation, the act
of permitting/denying someone/some address to subscribe or to submit
mail? If so, that's an action in the category 'authorization' and
authorization requires authentication as foundation.
Please note: I'm not trying to kick off a complete new discussion, but
these are real questions that keep me busy. I'd love if the answer to
the second question would be: "Yes, IF domain part of From address
equals d= domain value, THEN we can use the From address as
authentication information", but I believe all discussions on this list
have not provided a clear "yes" answer to this question.
+1 for taking these items out of the MLM draft and create a separate
document for them, although I'm not sure it can be normative or just
informational.
/rolf
P.S. Dave, is it possible to disable greylisting for mipassoc.org or at
least for contributions to this list? Now we get sometimes a-synchronous
contributions where the answer precedes the question. (And yes, I hate
greylisting).
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html