ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments

2010-10-13 18:36:33
-----Original Message-----
From: Jim Fenton [mailto:fenton(_at_)cisco(_dot_)com]
Sent: Wednesday, October 13, 2010 3:22 PM
To: Murray S. Kucherawy
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] ISSUE: 4871bis-02 - Section 8.14 comments

Here's some text I propose for section 8.14, in place of the current
text. Bear in mind that this is in the context of the Security
Considerations section of the spec, so it is really a discussion of the
threat and how it is dealt with, rather than normative text.
[...]

It seems to me you're saying the same thing bis-02 is saying, but with perhaps 
less terse language.  In particular, bis-02 says "SHOULD NOT validate" 
something that's malformed, while you're saying "SHOULD" validate format before 
processing.  Those sound the same to me, but if people like this expression of 
it better then I'm also happy with it.

You're right about splitting the verifier advice out to Section 6.  Good point. 
 And your rewrite of 8.14 is cleaner than what we have now.

I agree that using a MUST is too strong; not only is it a very hard requirement 
to achieve but it wanders into the realm of making DKIM modules responsible for 
5322 enforcement, and I don't like that at all.  Thus I think SHOULD is 
appropriate, and MAY is even more so (but I'll settle for the former).

A minor point: I would like your proposed 5.3 and 6.1.1 (should that be 6.1.2?) 
text to contain something like "See Section 8.14 for further discussion."

-MSK

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>