> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Alessandro Vesely > Sent: Monday, October 03, 2011 4:23 AM > To: [email protected] > Subject: Re: [marf] Comments on draft-ietf-marf-authfailure-report-01.txt > > The General Description in RFC 5451 makes it clear that methods that > were not applied deserve no "method=result" statement. That spec does > not mandate that _all_ methods be reported, thus leaving it ambiguous > whether unreported methods are not implemented at all or omitted for > any other reason. IMHO, that's good as it is.
The absence of "spf=" in an Authentication-Results field doesn't say anything about SPF work done at the verifier. Could be that it was tested and unreported for all I know. If the verifier wants to say explicitly "I didn't check this", there's no mechanism to do that right now. > Authfailure reporting is non-extensible by design, while RFC 5451 is. I don't agree at all with the first part of that statement. _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
