"Andrew" == Andrew Newton <andy(_at_)hxr(_dot_)us> writes:
Andrew> 2) Many of the steps talk about a "non-Empty" header.
Andrew> Isn't this requirement also fulfilled by step 5, therefore
Andrew> making this requirement in the subsequent steps redundant?
No. Consider an message that contains a valid From header and an
empty sender header. Currently, step 3 will ignore the (illegal)
empty Sender header, and step 4 will select the From header.
If the words "non-empty" were removed, step 3 would select the empty
Sender header, and step 5 would then fail to determine a PRA because
the header was malformed.
Whether this case is important in practice, I don't know. The current
PRA algorithm is based on a proposal I made to this WG in response to
-core-00. I specifically specified it this way because the Caller ID
PRA algorithm considered only non-empty headers, and handling of empty
headers wasn't the issue I was concerned about. (My proposal was
intended to be a "minimum change" proposal from the original
algorithm.)
I raised the question a week or so ago as to whether it might be an
idea to remove the words "non-empty". There seems no pressing need
for them in the PRA algorithm as currently defined. It adds a (small)
amount of complexity, and only changes the outcome for ill-formed
messages.
The cost is small, and if there is a belief that spurious empty
headers occur in otherwise well-formed messages in the wild, then I'm
all for keeping the wording. But since checking whether the headers
are empty is an extra conceptual step, if we retain it, we should at
least have some idea as to why we're doing this...
-roy