Dave CROCKER wrote:
On 5/4/2011 7:04 AM, Rolf E. Sonneveld wrote:
Which documentation makes your above claims?
Both documents refer to rfc4686, albeit only in the Informative
References section. rfc4871 refers to rfc4686 only in section
8, rfc4871bis in section 8 as well as in section 1.1.
Please provide us some pointers regarding the differences
between rfc4871 and rfc4871bis in relation to the above statement.
The claim that rfc4871bis has the goal you claim is yours.
It showed that. Are you suggesting security is not part of DKIM's goal?
So you need to do the work of subtantiating it.
The proof of concept was done in the WG consensus built RFC4686 security
document.
So far, as you acknowledge, your only reference is quite old, merely
informative, and not a specification. In contrast, rfc4871bis declares
the goal of its specification and it's not the one you assert.
Exactly the point, it doesn't reflect current implementation needs yet
has inconsistencies where any reasonable engineers can presumed the design
is beyond what you attempting to mandate for receivers.
You've now had multiple people responding to this thread with various
explanations why it is off the mark.
But there are multiple people who disagree with those explanations and
agree Rolf is right on mark.
We should be done.
We should of been done long ago. IETF needs to consider why you are
having a hard time explaining away the security concerns for almost 5
years now.
You need to rethink why reasonable compromising solutions offered
should be ignored and rudely shunned out. You need to consider good
nature WG participant perspectives to help DKIM better fit receiver
needs and considering ODID (and AUID) is compatible with the DKIM goal.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html