ietf
[Top] [All Lists]

Re: Last Call: <draft-levine-herkula-oneclick-04.txt> (Signalling one-click functionality for list email headers) to Proposed Standard (fwd)

2016-09-20 18:54:32
Nothing personal, but for interop purposes, the opinions of ops people
at large mail systems matter a lot more than your opinion or mine.

They may have their views, but the spec is for the world at large,
and I do think that the "email unsubs may DoS the sender" rationale
will be seen as a feature and not a bug by many potential adopters.
We can provide a more broadly useful rationale.

We seem unable to agree on why we're not doing one-click mailto:, and in any event since we're not doing it, it's irrelevant to the spec, so I commented the paragraph out of -06.


There's a reason why browsers send "Origin:" headers, the MUA should
do the same when doing POST requests based on email headers.

MUAs have been doing GETs and, for messages with forms in them, POSTs
for over a decade.  What origin headers do they send now?  Why is this
different?

R's,
John

<Prev in Thread] Current Thread [Next in Thread>