On Fri, 14 Jan 2005, Julian Mehnle wrote:
This might also generally be a good idea, not just for best guess
processing. But allowing the SPF client to defer "temperror"s must always
err on the side of security, i.e. "temperror"s resulting from non-positive
mechanisms (-foo, ~foo, ?foo) must never be deferred.
An excellent idea. That will work for best guess also (at least for
any proposed guesses I've seen), and no "guessing" flag is required.
To probe more details:
If a temperror occurs while evaluating a mechanism:
If the mechanism is PASS (+ or default):
set temperror occurred flag
else:
raise temperror
At end of evaluation:
If temperror flag set and result is not PASS:
raise temperror
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.