On Feb 20, 2009, at 1:44 AM, John Levine wrote:
http://www.ietf.org/IESG/APPEALS/appeal-otis-2009-02-16.txt
This appeal boils down to "someone might misuse it so don't
standardize it." Is there any standard to which someone couldn't
have made a similar objection?
The appeal is in regard to offering recipients potentially misleading
information where its source is intentionally omitted thus preventing
reputation evaluation by the MUA as required by section 4.1.
Much of the bad stuff they say about SPF and Sender-ID is correct,
but it'll be equally true whether or not a header reports the results.
I have reviewed the draft and find it to be technically sound.
Dave Crocker made a point about not necessitating the examination of a
mechanism's internals when objecting to the inclusion of the IP
address of the SMTP client. Dave Crocker was confused since this same
input is also provided to an infrequently used "iprev" where this
input is captured by the Authentication-Results header. However
section 2.4.3. "SPF and Sender-ID Results" of the draft stipulates
conditional inclusion of a local-part, but the local-part's role is
not defined by the output of the "spf" mechanism. The "senderid"
mechanism stipulates the local-part plays no role. Clearly, such
source omission and conditional inclusion represents a technical error.
-Doug
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf