Re: Clarification on "RFC Editor Note"

David MacQuigg wrote:
> At 06:39 PM 5/11/2005 -0400, Terry wrote:
>
> > David MacQuigg wrote:
> >
> > > At 01:06 PM 5/11/2005 -0700, William Leibzon wrote:
<snip>

> You are right, the connecting MTA should not decide (by itself) what 
> scopes to use.  The decision is made (indirectly) by the receiving MTA 
> and the purported Identity.  There must be a method they both support.  
> Maybe I should have said "use any method(s) you want".  
No, you shouldn't.  The connecting (sending) MTA has no say whatsoever 
on the SPF/SenderID/CSV/whatever authentication method used.  The owner 
of the domain name he claims to be sending from via DNS record(s) of the 
domain name claiming to be sending from determines the method(s).
Some authentication protocols use handshakes to negotiate a protocol. 
SPF/SenderID/CSV does not.  This is an *SPF* list, and related competing 
technologies possibly relevant for discussion use the same methods of 
determination.
> The subsequent 
> DNS hunt will show whether that method is supported.  The authentication 
> header will show what method was finally used.
Agreed

<snip>


> ...  Or maybe, please read my words a little more carefully before you 
> react.  We need to keep the diversions on this list to a minimum.
Agreed, the diversions should be kept to a minimum.  You can best do 
that by keeping your statements:
1) concise
2) accurate
3) without ambiguity or open to interpretation.

Sorry, but your first statement and the corrected statement are 
fundamentally different from a security perspective, and security is 
tantamount to success in an authentication protocol.
Terry


> --
> Dave
> ************************************************************     *
> * David MacQuigg, PhD      email:  dmquigg-spf at yahoo.com      *  *
> * IC Design Engineer            phone:  USA 520-721-4583      *  *  *
> * Analog Design Methodologies                                 *  *  *
> *                                   9320 East Mikelyn Lane     * * *
> * VRS Consulting, P.C.              Tucson, Arizona 85710        *
> ************************************************************     * 
>
> -------
> Sender Policy Framework: http://spf.pobox.com/
> Archives at http://archives.listbox.com/spf-discuss/current/
> Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
> To unsubscribe, change your address, or temporarily deactivate your 
> subscription, please go to 
> http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
--
Terry Fielder
terry(_at_)greatgulfhomes(_dot_)com
Associate Director Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
Fax: (416) 441-9085