ietf-mxcomp

Re: Authentication and Authorization

2004-03-11 16:11:30

Hadmut Danisch <hadmut(_at_)danisch(_dot_)de> wrote:
...
So I still stick to my definition:

Identity         Sending MTA's IP address

Authentication   Verifying the Identity (TCP sequence numbers)

Authorization    Domain owner's statement

Policy           Receiving MTA's way to treat messages with or
                 without Signature, LMAP authorization, or from
                 domains without LMAP record, or DNS server down

   While I do not agree with Hadmut's definitions, I cannot fault
them. And I'm quite sure there are others who will share them.

   I believe we should try to avoid using these terms in meanings
different from Hadmut's definitions.

   Yes, this probably means avoiding these terms at all -- which
strikes me as an excellent idea.

   I'd like to remind everyone of the exact question that was
hummed at the BoF:

" Is there IETF work that we should take on to develop a mechanism
" that allows an MTA to use a DNS-based record to signal to peer
" MTA's that it is authorized to send mail?

   (That's as close to a charter as we have right now.)

   Within that statement, there is no "identity", no "authentication",
and no "policy". :^)

   However, there is an "authorized". :^(

   Can we live with Hadmut's definition of "authorization"?
(Keeping in mind that others will have different definitions)

   If not, can we describe what it is we wish to signal -- in
terms that Hadmut won't interpret differently from others who
will read our documents?

--
John Leslie <john(_at_)jlc(_dot_)net>