On 7/21/2014 6:33 AM, Paul Smith wrote:
On 21/07/2014 11:09, Dave Crocker wrote:
On 7/21/2014 4:02 AM, Paul Smith wrote:
I think there should be something there about SPF and DKIM. There
is a problem with SMTP to do with trustability,
Fair point.
However "3.6.2. Mail eXchange Records and Relaying" seems an odd
place for background material on authentication and trust.
On reflection, I'm wondering whether that entire paragraph belongs
elsewhere, and with a different reference to spf and dkim?
Absolutely. As I said - in a rewrite, I'd put it somewhere totally
different (possibly an appendix along with other 'issues' with
SMTP), but this is an errata, so the options may be more limited (I
don't know - I'm not an expert on the RFC editing system)
Mumble. Well, when I wrote the Errata, I couldn't think of anything that
made sense to me in that context.
Perhaps some sort of very generic language?
From:
This specification does not deal with the verification of return
paths for use in delivery notifications. Recent work, such as that
on SPF [29] and DKIM [30] [31], has been done to provide ways to
ascertain that an address is valid or belongs to the person who
actually sent the message. A server MAY attempt to verify the
return path before using its address for delivery notifications, but
methods of doing so are not defined here nor is any particular
method recommended at this time.
To:
This specification does not deal with the verification of return
paths for use in delivery notifications. A server MAY attempt to
verify the return path before using its address for delivery
notifications, but methods of doing so are not defined here nor is
any particular method recommended at this time.
Various mechanisms exist for verifying identities of different
actors involved with the handling a message, including TLS[], SPF
[29] and DKIM [30] [31], OpenPGP, S/MIME.
and no, I'm not in love with the wording...
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp