spf-discuss

Re: SPF and Responsibility

2004-07-22 12:23:45
On Thu, 2004-07-22 at 14:34, Nico Kadel-Garcia wrote:
> From: "Jonathan Gardner" <jonagard(_at_)amazon(_dot_)com>
>
> > That is the bottom line. Which one do you think I did?
>
> False dichotomy, followed up by a strawman.

False dichotomy?  In asking us to guess which choices he actually made,
you believe he might have really made a third choice that he didn't tell
us about, thus giving us an incorrect list of choices to choose from in
guessing what his response actually turned out to be?  :-)

(Sorry, I just couldn't resist.)

> The normal response is one of:

[deleted]

Okay, perhaps those are "normal responses".  Are you saying that you
would have responded in one of those three ways yourself?

(Or are you perhaps saying that those are some possible response
messages, but that you're not going to tell me anything about what sort
of response messages you would personally approve of?  :-)  )

In any event, whenever I get "taking responsibility"-type responses from
a person or company, I feel better about continuing to deal with that
person or company.

But whenever I get one of the "normal responses" that you list, I make
it a point to never do business or associate with this person again if I
have much of a choice about the matter.

> You continue to ignore the difference between "sent from us" and "sent by
> someone on our machines".

1.  Why would I possibly *care* if it's sent from someone on your 
    machines if, in both that case and in the "it may be sent from our 
    machines or not" case, the end result is that the message may or may
    not be legitimate?

    There's simply no *point* to publishing such a useless bit of
    information.

2.  If you really want to say that messages sent from a particular 
    machine claiming to be from you may or may not be authentic,
    then would you agree that "?" says that?

    If you agree that "?" says that, then would you still refuse to
    let "+" cover the claim that messages from those machines
    claiming to be from you are authentic?

    (If you have some moral objection to making the latter claim for 
    your domains, or if you feel that for some technical reason you
    cannot make that claim for your domains, then feel free to use
    "?".  But, please don't stop *me* from making that claim for
    *my* domains.)

    If you were in control of the standard, and you did refuse to
    let "+" mean that recipients could trust that the messages from
    that server were authentic, would you allow for another prefix
    to do so, perhaps "++", (double-plus good)?

> The difference is huge, and is the difference
> between being the letter bomb sender and the delivery person who left the
> package.

"Hmm.  The letter bomb said it came from 'terrorists-are-us', and since
they say they trust the delivery company not to forge mail(bombs) in
their name, I guess we should get someone to investigate
'terrorists-are-us' to see what's going on.  In the meantime, let's
refuse all packages claiming to be from 'terrorists-are-us', or at least
first examine the packages in a safe environment before handing them off
for the intended end recipient to (re)open them himself."

-- 
Mark Shewmaker
mark(_at_)primefactor(_dot_)com

