ietf-smtp
[Top] [All Lists]

Re: [ietf-smtp] Error in RFC 5321 concerning SPF and DKIM

2014-07-21 05:45:37
On 7/21/2014 6:33 AM, Paul Smith wrote:

On 21/07/2014 11:09, Dave Crocker wrote:
On 7/21/2014 4:02 AM, Paul Smith wrote:
I think there should be something there about SPF and DKIM. There
is a problem with SMTP to do with trustability,

Fair point.

However "3.6.2. Mail eXchange Records and Relaying" seems an odd
place for background material on authentication and trust.

On reflection, I'm wondering whether that entire paragraph belongs 
elsewhere, and with a different reference to spf and dkim?

Absolutely. As I said - in a rewrite, I'd put it somewhere totally 
different (possibly an appendix along with other 'issues' with
SMTP), but this is an errata, so the options may be more limited (I
don't know - I'm not an expert on the RFC editing system)


Mumble. Well, when I wrote the Errata, I couldn't think of anything that
made sense to me in that context.

Perhaps some sort of very generic language?

From:

This specification does not deal with the verification of return 
paths for use in delivery notifications.  Recent work, such as that 
on SPF [29] and DKIM [30] [31], has been done to provide ways to 
ascertain that an address is valid or belongs to the person who 
actually sent the message.  A server MAY attempt to verify the
return path before using its address for delivery notifications, but
methods of doing so are not defined here nor is any particular
method recommended at this time.

To:

    This specification does not deal with the verification of return
    paths for use in delivery notifications. A server MAY attempt to
    verify the return path before using its address for delivery
    notifications, but methods of doing so are not defined here nor is
    any particular method recommended at this time.

    Various mechanisms exist for verifying identities of different
    actors involved with the handling a message, including TLS[], SPF
    [29] and DKIM [30] [31], OpenPGP, S/MIME.


and no, I'm not in love with the wording...

d/
-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp

<Prev in Thread] Current Thread [Next in Thread>