Murray S. Kucherawy wrote:
Tony Hansen wrote:
Actually in light of that question, maybe we don't need "neutral" at
all. For methods that have a policy, the verification attempt will
produce one of the other results. For those that don't have some
queryable policy, "neutral" never happens.
Well, I've seen people who want to be able to say "X doesn't say
anything positive or negative for this message". That's the purpose of
neutral.
OK, so how about this for neutral:
The authentication method completed but was unable to reach a positive
or negative result for the message.
ok.
A related question is what value should be put in the headerspec for
failure situations? The identity has not been verified, so there's no
value to be put into the headerspec.
Why would it change? The method still based its evaluation on something
(a header value, envelope data, "i=", or something else).
Sometimes it's the lack of something that causes the failure, not the
presence of it. And the value part is supposed to include an extracted
value; what if there *is* no such value?
Consider a message that is missing a dkim-signature header where the
policy says that the header is required; what do you put into the value
part of the headerspec?
Hmmm, that might call for a ptype of "policy". :-)
Tony Hansen
tony(_at_)att(_dot_)com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html