AccuSpam <support(_at_)accuspam(_dot_)com> wrote:
IMO, the scope should be implicit from the specification.
"Implicit" instructions in specifications have historically meant
inter-operability problems, and security flaws.
The specifications exist to make scope/intent explicit. Adding a
few more sentences to clarify the scope would be a good idea for any
specification.
And if so, do you actually think it is better for the receiver to have
to guess the intended scope of the sender?
Yes because inherent in the design of the specification should be
acknowledged the *REALITY* that the sender can not control the
receiver (verifier).
Control is different from intent. MX records in DNS are intended to
be used as destination IP's for SMTP traffic to a domain, and that
intent is explicit in the specifications. Yet nothing stops anyone
from doing:
$ ping `host -t mx example.com`
For MARID issues, the intent of the publisher of the records should
be made explicit in the specifications, if not the protocol. For the
vast majority of recipients who use the records as expected, having
that intent explicit makes their jobs easier. For the recipients who
don't follow the publishers intent, it makes no difference to have
that intent explicit, because they won't follow it.
I think it would be folly and brittle for us to attempt to specify
*ALL* the ways that the data in the DNS record can be used and
interpreted, ...
Similarly, it would be follow to specify *no* standard way for the
data to be used and interpreted.
There is a happy medium. We should find it, and use it.
Alan DeKok.