ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Data integrity claims

2010-10-16 13:18:50
from [Dave CROCKER] [Permanent Link] 


On 10/16/2010 1:07 PM, MH Michael Hammer (5304) wrote:

This is disingenuous on your part. It is akin to saying that although
the common usage of hammers is to hit nails, we must accept within the
definition of normal the usage of beating people on the head with a
hammer.... simply because some people do and it is not documented
through warnings on hammers that this is not normal.

There is a subset of headers that the vast majority of informed (even
semi-informed) implementers would agree on. Perhaps we need to reach a
consensus and document this to protect the children.



Wow. From sophistry to disingenuous.  Today seems to be when people think that 
tossing in slams at motives, legitimacy and style somehow facilitates 
discussion.  It invites all sorts of responses in kind, none of which would be 
constructive.  And I've tossed in this comment merely to note how irritating 
today's vocabulary choices are and suggest folks make more judicious choices. 
My postings have constructive intent and serious thought behind them.  The 
might 
be wrong, but they are not naive, frivolous, poorly intentioned, or any of the 
other things that permit superficial dismissal.  Please debate them on 
substance; if you've missed the substance, please show the courtesy of simply 
asking for clarification.

In any event, it's clear that at least two of you have entirely missed my 
point. 
  So let's try this again, more carefully:


There is a fundamental difference between saying "something bad might happen" 
versus "do this specific thing to provide this specific protection".  One is a 
generic warning.  The other is a spec.  The difference is not subtle.

Re-read my questions.  They werequite precise.  The text in the spec does not 
provide precise answers; when it appears to provide precise answers, they were 
not the result of informed thought:

      "Which header fields are essential to protect?
       How much of the message body is essential to protect?"

Let me emphasize:  Most of the advice in the spec is not useful, except as 
basic 
reminders to an already-knowledgeable reader.  "Useful" means that someone who 
does not already knows the answer is able to figure out the answer from the 
guidance that is given or the guidance tells them how to go about finding out 
the answer.  They can't do that with what is in the spec.

I don't mean we should rip out all the advice, merely that we need to 
distinguish between soft advice and serious, technical specification.

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] detecting header mutations after signing, MH Michael Hammer (5304)
Next by Date:  Re: [ietf-dkim] sophistry is bad, was Data integrity claims, Scott Kitterman
Previous by Thread:  Re: [ietf-dkim] sophistry is bad, was Data integrity claims, MH Michael Hammer (5304)
Next by Thread:  Re: [ietf-dkim] yet more sophistry, was Data integrity claims, John R. Levine
Indexes:  [Date] [Thread] [Top] [All Lists]