ietf-mxcomp

Re: Authentication and Authorization

2004-03-11 19:11:44


Hadmut Danisch <hadmut(_at_)danisch(_dot_)de> wrote:
...
So I still stick to my definition:

Identity         Sending MTA's IP address

Authentication   Verifying the Identity (TCP sequence numbers)

Authorization    Domain owner's statement

Policy           Receiving MTA's way to treat messages with or
                 without Signature, LMAP authorization, or from
                 domains without LMAP record, or DNS server down

   While I do not agree with Hadmut's definitions, I cannot fault
them. And I'm quite sure there are others who will share them.

I'm not wild about the wording, but this is close enough for me. I find
no fault here either. I note in passing that these definitions are
largely consistent with the definitions of the terms given in RFC 3539.

   I believe we should try to avoid using these terms in meanings
different from Hadmut's definitions.

Agreed.

   Yes, this probably means avoiding these terms at all -- which
strikes me as an excellent idea.

Yep.

   I'd like to remind everyone of the exact question that was
hummed at the BoF:

" Is there IETF work that we should take on to develop a mechanism
" that allows an MTA to use a DNS-based record to signal to peer
" MTA's that it is authorized to send mail?

Very good point.

   (That's as close to a charter as we have right now.)

   Within that statement, there is no "identity", no "authentication",
and no "policy". :^)

   However, there is an "authorized". :^(

   Can we live with Hadmut's definition of "authorization"?
(Keeping in mind that others will have different definitions)

I certainly can.

                                Ned