[email protected] writes: > Correction to my previous posting: The by clause is also mandatory in > Received: fields, and contains a domain and optionally an IP address. > To the extent it represents a privacy exposure, it can be handled in the > same fashion as the from clause.
Thanks for pointing this out. We didn't see the BY clause IP/hostname as serious of a problem, since it is the entity who owns that IP address who puts the line in there. If that entity doesn't want its own IP address in there, it could lie. The FROM clause contains the IP address of someone else, who the entity isn't necessarily authorized to store and forward IP address information about, so it is more problematic. But I agree that both concerns are relevant and that the document should allow, and probably encourage, not leaking any of the IP addresses. /Simon
signature.asc
Description: PGP signature
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
