On Fri, 24 Oct 2008 17:10:14 +0100, Murray S. Kucherawy
<msk(_at_)sendmail(_dot_)com>
wrote:
An issue has been raised regarding the name of the proposed header
field. Some of the methods supported by the draft are specifically
message authorization and not authentication (e.g. SPF, Sender-ID) and
there's a concern that this might mislead some consumers of the header
field's contents. Do others concur, or is it not something about which
to be concerned?
Having read all of this discussion, I conclude that "Authentication" is
actually the *correct* term for what this header does.
"Authentication" is a statement of assurance about some particular aspect
of the provenance of a message.
"This is an authentic Ebay message"
"It is authenticated that this message came from an Ebay IP address"
"It is authenticated that this message passed through X during transit"
"It is authenticated that such and such a header was added by X"
All these are saying different things about the provenance of the message.
The only thing they have in common is that the statement being made has
been verified by some technical means.
None of them says *anything* about "authorization" (though that may be
implied by secondary information available from elsewhere, such as ADSP
records).
So the name of the header is correct. Adding further parameters to it
might or might not be appropriate (for example a parameter that indicated
some associated ADSP status, to save the recipient from looking it up
again).
Perhaps we could take advantage of a lexical coincidence and rename it
to "Auth-Results", specifying in the draft that it covers both
authentication results and authorization results. Would that work?
No, because that introduced "Author" into the possible
(mis-)interpretations :-(.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html