On 26/May/11 18:56, S Moonesamy wrote:
> http://tools.ietf.org/html/draft-ietf-yam-rfc4409bis-00
>
> Please review the I-D and send comments to the YAM mailing list.
Does it make any sense to add an MSA-specific header field?
Hm... RFC 5451 provides an Authentication-Results entry to convey
SMTP-AUTH results --not necessarily SUBMISSION. It is exemplified as
Authentication-Results: example.com;
auth=pass (cram-md5) [email protected];
RFC 4409, as well as 'bis', generically say that "The MSA MAY
(digitally) sign or otherwise add authentication information to the
message." However, lines like the one exemplified above would reveal
the sender's login id, which the MSA may want to hide according to
(I-D, section 8.8):
For example, a site may prefer to rewrite 'JRU' as
'J.Random.User' in order to hide login names
Thus, if at all, it may be worth mentioning that the relevant
/propspec/ may be omitted for the same reason. That is, e.g.,
Authentication-Results: example.com;
auth=pass (details omitted as precautionary measure);
_______________________________________________
yam mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/yam
