On 6/9/2014 2:01 AM, Matt Simerson wrote:
I also fail to see how this is a security issue.
Agreed. It's *really* easy to filter and block delivery
for non-existent domains.
That is exactly what will be required to mitigate and close this new
security hole.
if mail.from.tld is .invalid
On Sun, Jun 8, 2014 at 9:06 PM, Hector Santos hsan...@isdg.net wrote:
Fundamentally, any From-Corruption (good term to use) concept is bad. 30
years of mail software/product/hosting development across multiple networks
tells me so, it ethically burns inside me as wrong and I have strong
On Sunday, June 8, 2014 4:03 PM, Hector Santos hsan...@isdg.net wrote:
Can we use a different tag for your proposal?
Hector, i'll give u one thing for sure: u do like to
make ur replies as detailed as possible.
i do respect that actually, cause it shows that u
give a damn, and that u r a
-Original Message-
From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Talamo, Victor
Sent: Friday, June 06, 2014 4:56 PM
To: Vlatko Salaj; Popowycz, Alex
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] confusing 3rd party support so it remains out
I concur with Alex.
John Levine writes:
People made this suggestion for l= DKIM signatures, too.
l= DKIM signatures are a bad idea, precisely because in existing MUAs
there will be no indication of what is covered by the signature, and
what not. Nobody does that.
But now mailing lists and other mediators are
On Sunday, June 08, 2014 6:52 AM [GMT+1=CET], Dave Crocker wrote:
On 6/8/2014 12:23 AM, Franck Martin wrote:
I think we need to give advice to MUAs, while letting MUA developers
some liberty on how to interpret it.
I'm proposing the following text to be added to the DMARC spec
On Monday, June 09, 2014 10:54 AM [GMT+1=CET], Stephen J. Turnbull wrote:
John Levine writes:
Recording stuff in A-R is fine. Advice about how MUAs should
display them is not. Considering the dismal history of browser
warnings about bad SSL certs, I would expect any user interface
On Monday, June 09, 2014 5:15 PM [GMT+1=CET], Barry Leiba wrote:
We based DMARC spec on the From header because it is visible to the
end user.
Yes.
Unfortunately, that's sort of a red herring. Most email clients show
the pretty text of the From (the display-name ABNF construct) if it
On Monday, June 09, 2014 9:03 PM [GMT+1=CET], Dave Crocker wrote:
And then, of course, then there's the whole matter of needing external
references that objectively support the assertions you are making...
Yeah, well, we are having a mailing list exchange, not presenting a doctoral
thesis
On 6/9/2014 9:25 PM, J. Gomez wrote:
On Monday, June 09, 2014 9:03 PM [GMT+1=CET], Dave Crocker wrote:
And then, of course, then there's the whole matter of needing external
references that objectively support the assertions you are making...
Yeah, well, we are having a mailing list
On Jun 9, 2014 at 21:25 +0200, J. Gomez wrote:
=On Monday, June 09, 2014 9:03 PM [GMT+1=CET], Dave Crocker wrote:
=
= And then, of course, then there's the whole matter of needing external
= references that objectively support the assertions you are making...
=
=Yeah, well, we are having a
On Monday, June 09, 2014 9:40 PM [GMT+1=CET], Dave Crocker wrote:
To repeat, UI/UX design is a specialty requiring extensive training in
cognitive, memory and attention psychology, testing methodology and,
oh yes, computer science.
So I guess we will wait until Apples just does it, and then
On Monday, June 09, 2014 8:01 AM [GMT+1=CET], Matt Simerson wrote:
On Jun 8, 2014, at 10:32 PM, Brandon Long bl...@google.com wrote:
The message is already corrupted, or there wouldn't be a problem to
be solved.
When the message arrives at the list, it's unlikely that it's already
To repeat, UI/UX design is a specialty requiring extensive training in
cognitive, memory and attention psychology, testing methodology and,
oh yes, computer science.
So I guess we will wait until Apples just does it, and then go and copy it,
whichever side it falls.
Your response is
On Monday, June 09, 2014 11:12 PM [GMT+1=CET], Terry Zink wrote:
To repeat, UI/UX design is a specialty requiring extensive
training in cognitive, memory and attention psychology, testing
methodology and, oh yes, computer science.
So I guess we will wait until Apples just does it,
On Mon, Jun 9, 2014 at 2:30 PM, J. Gomez jgo...@seryrich.com wrote:
True, but at the same time UX is something that every user can talk about,
as per se every user has experience with it.
Every time I hear that UI is a black art to be refined only by ultra
specialists, I shiver in fear,
On Monday, June 09, 2014 22:38:54 Barry Leiba wrote:
Putting as much value on RFC5322 From as DMARC does follows
conventional wisdom, but I believe that wisdom is flawed.
Of course, that speaks to the advice you want to give: tell UIs that
they should show the From addr-spec to users always.
Terry Zink writes:
Your response is tongue-in-cheek but I think represents a harsh
reality; only large companies have the resources to test UX'es and
the associated user behavior.
Open source projects can simply do it, and let the real users of their
software test directly. They often do
Murray S. Kucherawy writes:
True, but who's to say our proposed improvements would make things any
better than the ones that would (or would not) happen without our
guidance?
I don't think we should propose improvements, at least not expecting
them to be taken at all seriously, and
J. Gomez writes:
I can understand the welcomed vs unwelcomed thing, but I do not
agree with calling the alteration decoration in one place but
corruption in the other.
Loading the language in such a way is asking for a given conclusion
even before the debate has started. That's not
On Mon, Jun 9, 2014 at 8:59 PM, Stephen J. Turnbull step...@xemacs.org
wrote:
[2] PGP can be worked around by placing the signed body in a separate
MIME part from the header and/or footer parts, and DKIM could at least
be adapted to decorated subjects using z= and footers using l=,
although
21 matches
Mail list logo