Random CNAMEs and SNI play poorly together. Might as well just use the
TXT record to point people at the real name of the server.
Heh. But in this case we don't really need HTTPS (or any validation), since
the SMTP reports can be sent without validation (or so we have all said, I
think).
I suppose, but if you do use https, it would be a cruel joke to specify
it in a way that made the certs not verify.
So same question for DMARC: if you had people using HTTP reporting, would
you do the section 7.1 thing? I have no qualms about including it, given
that it's already nicely spec'ed out, but this is sort of why we didn't
bother at a first pass.
The filenames are useful in SMTP reports to detect duplicates, for
debugging, and perhaps to decide where to file what. I'd think all of
those would apply for http reporting as well.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
