Hi Jim, just one comment:
> Section 5.3 paragraph 3: "MUST match the value found in the filename" > but the value in the filename is only a recommendation (section 5.1). I > continue to lean toward not depending on values in other than the > message body (single source of truth). I believe that this section describes how the "TLS-Report-Submitter" is filled in by sender, not how it is checked by the receiver. Section 5.6. already states that the report body is the only authoritative source for receiver. I agree that the current wording is a confusing and can be improved. For example: When constructed the "TLS-Report-Submitter" value MUST match the value in the filename (if it is present there) and the [RFC5321] domain from the "contact-info" from the report body. These message headers MUST be included and should allow for easy searching for all reports submitted by a report domain or a particular submitter, for example in IMAP [RFC3501]: Daniel, Alex, is this interpretation correct? > -Jim Regards, Valery. _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
