Michael Haardt wrote:
I don't think Michael and I are going to agree on this, so I'd like to
hear from other WG participants. Does anyone else have an opinion?
owner-* is not something that's displayed often, so it's not important
what's there as long as it's correct. In the case of From I think it's
important to have the preferred form of the address, but owner-* is not
displayed often enough.
For this reason I think it's better to give the implementation all of
the responsibility, and not even give the script author a chance to
typo.
I think we talk about two issues here: Do we need more text to describe
the parameter value for owner? Barry says no, I say yes.
I am largely with Barry on this. See below.
The next is: Who may influence the value?
We agree on so far is that ":from" does not set the owner unconditionally,
and not even on the condition it is accepted as sender for sure.
We further agree that sender and owner may differ.
The example contains the common case of owner and sender being equal
and I want to make sure that people reading the text know for sure
that's not a fixed rule. The value may be any other address as well,
as long as it belongs to the owner.
I don't consider of the frequency of display important, but the fact
that the value may unveil which mailbox the notification originated from,
violating my privacy looking at the networks the notification may cross.
I think you are asking for owner-token being used instead of owner-email.
That does not mean I would like to see ":from" influencing the
owner. All I would like to specify is WHO is responsible, so
people using Sieve can be sure WHO to address for a changed
owner address, should they care. If we say
The parameter value depends on the implementation
So far so good.
and may or may
not be related to the sender of the notification message.
But it is *always* related to the sender of the notification in some way.
The only
requirement is that the address reaches the owner of the script.
I don't think this is even true. The only requirement is that the
sysadmin operating the system that is running the Sieve engine can
figure out which Sieve script (and for which user) generated a notification.
all my issues would be addressed, because it defines who is responsible
and that I can not expect ":from" to hide my identity, but that I
must look at what the implementation has to offer, and it allows the
implementation to use e.g. encrypted owner addresses or anything else.
I would not argue against having another example, that shows that
owner-email can be different.