Dave CROCKER wrote:
> A number of the latest set of posts indicate that some folks haven't read
> RFCX
> 4871, and I don't mean "carefully". It almost looks as if they haven't read
> it
> at all. Worse, the point that is constantly being ignored was proffered
> quite
> clearly in the Errata draft. So it appears they haven't read that document
> either.
>
::snort::
> The Errata draft cites the text already in RFC 4871 that specifies a single
> output value. The text is not subtle or hidden. It is explicit and clear.
>
Section 6.3:
6.3. Interpret Results/Apply Local Policy
It is beyond the scope of this specification to describe what actions
a verifier system should make, but an authenticated email presents an
opportunity to a receiving system that unauthenticated email cannot.
Specifically, an authenticated email creates a predictable identifier
by which other decisions can reliably be managed, such as trust and
reputation. Conversely, unauthenticated email lacks a reliable
identifier that can be used to assign trust and reputation. It is
reasonable to treat unauthenticated email as lacking any trust and
having no positive reputation.
What part of "beyond the scope" is so difficult to understand? DKIM
produces a large set of authenticated bits. It's not our job to rank them,
let along pick "one" winner to exclusion of all other bits. Use and
experience will pick those winners, not some ill-conceived errata
trying to rewrite history.
> The requirement for specifying a single output is already specified in RFC
> 4871.
>
No it doesn't.
> Part of the requirement for having a legitimate discussion is that
> uncomfortable
> facts and considerations have to be dealt with in one's response. If such
> data
> are ignored, then all one is doing is selling, not discussing. That makes
> the
> interaction political rather than technical.
>
This is rich.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
