Jim Fenton wrote: > That version is quite a bit better. I'd suggest that the block "Verify > Signature" be "Verify Signature(s)" instead. The diagram is a bit of a > tradeoff, but I agree it needs to be.
Tempting, but that would have a cascading effect, because then, for example, the diagram would have to deal with different sources of signature and different key stores. Messy. > In the notes underneath, you talk about "validating", but I don't think > I have seen that term defined anywhere. From the context, it seems to > be authentication + assessment, but this should be more explicit. I > also prefer the word "validation" to "validating". Oops. The word should be "verifying" since it only was meant to refer to verifying a signature. THe gerund form of the word is intended to echo the "signing" term used for the the other ADMD being mentioned. Parallel construction, and all that. > Last paragraph, s/are not defined in this document/are at the discretion > of the validator./ 1. The current language is formally correct. It declares an explicit boundary, with this issue outside of it. 2. Anything that is not within a specification is always at the discretion of whoever is doing the processing. Perhas counter-intuitively there is actually more information in saying explicitly that the issue is outside the specification than in saying the processor may do whatever it wants. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
