Murray S. Kucherawy wrote:
It seems I need to re-confirm this group's consensus on a point of the
draft as it proceeds through IESG evaluation.
The scope of this work has always been pretty narrow: We take the output
of message authentication methods and relay them to MUAs so they can make
their own filtering decisions based on those results. None of the
implementations in the four years of this work has found a need to deviate
from that practise, so that really does define the scope of this work.
Huh. About the only useful thing that I've found for Auth-res has
*nothing* to do with MUA's. That is, I use auth-res in logs to do
forensic and other analysis. So what you write is simply not true
in practice. Nor do I see any particular reason why the draft should
care who consumes the data: we're not the net-cops, after all. If
a consumer understands the security considerations, what its *role*
is in the email food chain is completely and utterly irrelevant.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html