On 2/1/2021 5:58 PM, Michael Thomas wrote:
This, on the other hand, should be measurable. Saying that we should
ignore authentication requirements should require extraordinary proof
that it is needed for practical as well as security reasons. The
burden of proof is on the nay-sayers, especially since it is so
trivial to implement these days.
Or perhaps:
1. Barrier to adoption, for something that supposedly needs a lot
more adoption
2. Doesn't seem to make much difference.
I'd class those as suggesting rather strongly that the burden is on
those that want to impose the barrier, rather than those who don't.
The problem with arbitrarily claiming a requirement, without justify it
carefully and in a balanced matter is that it is, well, arbitrary.
d/
--
Dave Crocker
[email protected]
408.329.0791
Volunteer, Silicon Valley Chapter
American Red Cross
[email protected]
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
