spf-discuss

RE: SPF extension

2004-02-04 19:58:24
Would it be an idea to call out certain modifiers (possibly mechanisms) in
the main spec as to be used for specific types of extension?

Accreditation is definitely a modifier.

We might want to reserve the smime and pgp mechanisms in the main draft.
What I am thinking here is that it is relatively easy to see if a message is
smime encoded, much easier than checking the signature.

So you would want to not reject at the MTA, and instead pass back the task
to the spam filter.

                Phill

-----Original Message-----
From: wayne [mailto:wayne(_at_)midwestcs(_dot_)com]
Sent: Wednesday, February 04, 2004 9:51 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] SPF extension


In <20040205015742(_dot_)GS1323(_at_)dumbo(_dot_)pobox(_dot_)com> Meng Weng Wong
<mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:

Before somebody else says it, I should point out the weakness of a
left-to-right processing scheme like SPF: only one new auth mechanism
can be gradually introduced.  We can't handle the semantics of "or".

Agreed.

If a domain wanted to assert that when its users aren't coming from a
known IP range, then its users always either sign mail with smime or
sign mail with domainkeys, it could assert

  v=spf1 a mx smime dk -all

But only clients that understood both smime and dk would be able to
fully parse this record.  For all other clients the domain might as well
not even publish a record beyond

  v=spf1 a mx ?all

Which is why you should use "v=spf1 a mx [-?~]all smime=y dk=y"


-wayne


But I suspect the above "failure modes" are academic.  The scenarios are
contrived.  I expect that a domain that has to resort to smime as an
authentication mechanism won't be able to do the "a mx" part.

On the contrary, I suspect that desire to use multiple extensions will
be common.  Consider:
"v=spf1 a mx ~all smime-done-my-way=blah smime-done-right=barf"


-wayne

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
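
Added example (not part of the original messages and not code from the SPF project): a toy Python evaluator run over the records quoted in the thread, modeling a client that implements only a, mx and all. It assumes such a client stops with "unknown" at the first mechanism it does not recognize, as the thread describes, and that `matching` stands in for DNS lookups; `smime` and `dk` are the names proposed in the thread, used here as unimplemented terms.

```python
import re

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
KNOWN_MECHANISMS = {"a", "mx", "all"}  # assumed feature set of an older client
MODIFIER = re.compile(r"^([A-Za-z][A-Za-z0-9._-]*)=(.*)$")


def evaluate(record, matching):
    """Return (result, modifiers) for one record.

    `matching` is the set of mechanism names that match the connecting
    host; it stands in for the DNS lookups a real client would perform.
    """
    terms = record.split()
    if not terms or terms[0] != "v=spf1":
        return "none", {}
    modifiers, mechanisms = {}, []
    for term in terms[1:]:
        m = MODIFIER.match(term)
        if m:
            modifiers[m.group(1)] = m.group(2)  # kept, never blocks evaluation
        else:
            mechanisms.append(term)
    for term in mechanisms:  # strictly left to right
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name = re.split(r"[:/]", term, maxsplit=1)[0]
        if name not in KNOWN_MECHANISMS:
            return "unknown", modifiers  # cannot skip it: order carries meaning
        if name == "all" or name in matching:
            return QUALIFIERS[qualifier], modifiers
    return "neutral", modifiers


# Records taken from the thread; "-all" is one choice from wayne's "[-?~]all".
AS_MECHANISMS = "v=spf1 a mx smime dk -all"
AS_MODIFIERS = "v=spf1 a mx -all smime=y dk=y"
FALLBACK = "v=spf1 a mx ?all"

if __name__ == "__main__":
    for rec in (AS_MECHANISMS, AS_MODIFIERS, FALLBACK):
        print(rec, "->", evaluate(rec, matching=set()))
```

For a host outside the a/mx ranges, the mechanism form gives this client no usable verdict, while the modifier form still yields the published "fail" and hands the smime/dk hints to whatever runs after the MTA.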