John R. Levine wrote:
Putting on my native speaker of American dialect hat, I don't see a useful
difference between "responsibility" and "some responsibility" in this
context. In practice they mean the same thing, and neither means "total
responsibility."
Agreed.
If someone goes to the effort of signing a message and publishing a
validation key, they have taken some responsibility for the message. On
the other hand, if you then complain to them about it, and they tell you
to get stuffed, that's the end of it. (You might stop accepting their
mail, but that's outside the scope of DKIM.) It's some responsibility,
but it may not be very much.
So pick one and be done with it. It doesn't matter which one.
The issue is that its too vague and incomplete especially when there
is an unknown and unrestricted RE-signers involved as part of the
framework.
What does responsibility actually mean? Does it mean that the last
signer is the blame or part of the blame for any harm caused?
Does the last signer absolve all previous signer(s) responsibility?
Is this something the original domain signer is aware of?
"INFORMATIVE NOTE: DKIM allows resigners to operate. When a
resigning takes place, all previous signer domains no longer
have a responsibility for the message."
Of course, in a perfect integrated protocol world, one could add
statements about POLICY restrictions, but that would be a taboo here
at this point. Maybe it can be stated another way to provide the
concept of absolving domain responsibility.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html