> Here is an example of an A-R header with multiple results combined
> together:
>
> Authentication-Results: example.com;
> dkim=pass header+body=foo.example.org (comments);
> spf=fail (comments);
> csv=pass smtp.ehlo=foo.example.org (comments);
> sidf=pass body(_dot_)sender=user(_at_)foo(_dot_)example(_dot_)org
(comments)
>
> Note how the headerspec varies with the method and its results reflect
> both: 1) what was used to do the tests, and 2) the identity that was
> verified.
I strongly support a change along that line. This is clean and easy to
understand; documents all the AR work done by hostname in a single
header which I love.
> 3) Make the headerspec property an optional value to be specified by
> the registration specifics for a given authentication method. So
> whatever document is used to define how A-R is used by dkim would also
> specify what value should go here. Not all authentication methods will
> need a property.
>
> 4) Make the headerspec value a mailbox, domain or token. Which it is
> would also to be specified in the authentication method specific
> registration for a given method.
Would either of those options mean an update to (for example) the [AUTH]
spec would be required to add this text? Could we define something to
use in the interim?
> 2) Make the headerspec ptype a list of "smtp", "header" and "body".
How would you do PRA?
something like: spf2/pra: pass header=foo(_at_)bar(_dot_)com (Comments);
> 1) Move the headerspec to after the method=result.
I think we should do this regardless of the other options.
--
Arvel
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html