The purpose of the spamops specification is to get operators to use certain,
strategic procedures.
With respect to authentication, it cites some techniques, but is not intended
to
discuss them in depth. In other words, the document really does try to avoid
the slippery slope of debating nuances about different authentication methods.
Such a debate seems a sure way to distract the document from it's primary
goal, as well as to delay its publication indefinitely.
then again, unless the document supplies some justification for its
recommendations about authentication, people will not accept its
recommendations - particuarly when doing so is expensive or disruptive.
I agree with trying to avoid an in-depth discussion. the question is
how much depth is necessary for the document to serve its purposes.
Keith