ned(_dot_)freed(_at_)mrochek(_dot_)com
Negotiation can mean that A and B receive different messages, both stating
(in to/cc) that the other received the one they didn't. Sounds very fishy
to my ears.
This is nothing new; situations arise routinely where the header recipient
lists don't tell the full story about who did or did not get a message
Agreed. It's nothing new -- just more of a bad thing.
I suppose it's okay, though. If to/cc never were truly reliable, making
them even less reliable is no big deal. Even if it's the first time a
Proposed Standard does it.
or a
particular version of a message.
Hm? I know that some mailing lists do rather a lot of header field
rewriting and/or append a new signature. Are there other examples?
The thing sounds as if it's 100% incompatible with S/MIME and other
signature mechansisms. Shouldn't that be mentioned in the draft's security
considerations section?
...
As for mentioning any of this in the security considerations section, I
have no problem with that.
Good. That's what I want.
--Arnt