Can we live with Hadmut's definition of "authorization"?
(Keeping in mind that others will have different definitions)
Not if we want the spec to be comprehensible in the security
community.
Oh, I thought I came from the security community.
If there is any different definition used in the "security
community", could you give me a reference? That's interesting.
We are not putting permissions data in the DNS here, we are
putting credentials data in the DNS and stating that recipients
should verify that mail messages purporting to originate from
the zone are authentic with respect to a credential.
"credentials" is a term commonly used for attributes of an
entity. What we keep in the DNS are authorization records, not
really credentials. Again, could you give a citation for your
definition?
regards
Hadmut