On 5/4/11 7:48 PM, Dave CROCKER wrote:
On 5/4/2011 9:15 AM, Murray S. Kucherawy wrote:
My read is that Rolf is objecting to RFC4871bis on the grounds that
it conflicts with RFC4686. (He can and should correct me if I'm wrong.)
If his concerns would be satisfied by a change (perhaps an appendix?)
that simply acknowledges some evolution in thinking based on
experience since RFC4686 was published, I imagine that wouldn't meet
with much resistance.
My reading of the concern is specifically that the statement of DKIM's
goal has been refined over time and that all that might be useful for
the current document is to cite that fact and, perhaps, compare
original versus current statements. The appendix to do that would be
very short. It perhaps should cite the incremental changes across the
sequence of wg documents and explain the salient meaning of the
change, but in informative and not normative terms.
If there is more material at issue, what is it?
Well, I think you both are right in reading what my concern/objection
against 4871bis is. And maybe you're also right in that RFC4871 wasn't
that much different of RFC4871bis.
I think in the early days of DKIM most people assumed DKIM would become
a protocol where:
* the body hash and header hash, using various header fields,
certifies the DKIM signature and
* the DKIM signature certifies the body and header fields, that had
been used to create the DKIM signature.
The current RFC4871bis defines a protocol where:
* the body hash and header hash, using various header fields,
certifies the DKIM signature and
* the DKIM signature doesn't say anything about the body and header
fields, that had been used to create the DKIM signature.
Well, if there is /real/ WG consensus that 4871bis is right in this
respect, then so be it. But is there real consensus? Or is it just
because of what Mike describes as "The set of people paying attention
now are extremely few". Why don't we see any recent contributions from
the authors of RFC4871? (except for Mike then).
It seems to me there are a number of WG participants (and I'm one of
them), who regret the fact that RFC4871bis does not make the few
additional steps required to achieve the expectations of the early days:
a protocol that not only provides a DKIM signature (and an important d=
payload) but also a protocol that certifies body and (some) header fields.
I fail to see why we don't take those one or two extra steps, to make
DKIM a protocol with much more use potential.
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html