On May 27, 2010, at 12:29 PM, Roland Turner wrote: > On 26/05/2010 23:40, Brett McDowell wrote: >> This is a good example of a tradeoff that I think would benefit from some >> agreed upon principles. If we agreed to the following two principles, I >> think we'd all find a lot more common ground: >> >> 1) Authenticated email is optional, not required >> 2) We desire to fully enable the functionality of the authenticated email >> ecosystem, but >> 3) We will do nothing with the authenticated email architecture that forces >> non-participating email stakeholders harm/breakage/errors >> > > That would be three principles, and I think they're sound. > > This does leave us somewhere rather unpleasant for: > > - sender from a discardable domain sends to a mailing list, despite the > advice being not to > - the MLM is a non-participant > - a subscriber is rejecting messages which fail DKIM authentication > (conservative stance: avoid silent failures causing mail loss) > - the MLM unsubscribes the recipient for [multiple] refusals > > In this case, a participating-but-conservative receiver cops collateral > damage because of incorrect/ill-advised behaviour by a sender. This is > an undesirable outcome. > > I'd strengthen #3 with unrelated harm/breakage/errors should not arise > from participating stakeholders behaving conservatively. > > - Roland
Why not simply clarify this in the currently underway DKIM-BCP? Then we don't have to have the caveat in our three guiding principles. Our principles will assume all stakeholders (participating in authentication or not) are reading and following our BCP guidance. Is that a fair position for us to take? _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
