On 28 Dec 2024, at 14:34, Barry Leiba wrote: >>> RFC7489 section 6.6.2 was clear that Mail Receivers MUST implement >>> both SPF and DKIM. DMARCbis is no longer clear in this aspect. >> >> Agreed; I was going to make a similar comment about the lack of normative >> language here > > I will point out that specifications don't have to say "MUST" in order > to be normative. > > Whether the working group wants "MUST" for emphasis or not is a > question the working group has to answer. But the text Tero quoted > (repeating here for convenience): > >> For each Authentication Mechanism underlying DMARC, perform the >> required check to determine if an Authenticated Identifier >> (#authenticated-identifier) exists for the message if such check >> has not already been performed. > > ...is absolutely normative.
Yes it is. I would have made a bigger deal out of this if it wasn’t. I find the RFC 8174 version to be much clearer, especialy since the MUST is in uppercase. But as you say, the lack of emphasis is a WG decision. -Jim _______________________________________________ dmarc mailing list -- [email protected] To unsubscribe send an email to [email protected]
