Re: Re: What the verifier can do

----- Original Message -----
From: "Paul Hoffman" <phoffman@xxxxxxxxxx>
To: <ietf-dkim@xxxxxxxxxxxx>
Sent: Sunday, April 30, 2006 11:26 AM
Subject: Re: [ietf-dkim] Re: What the verifier can do


> Fully agree. I am proposing staying silent on heuristics in the core
> protocol, not banning them. Does that work for you?

Define heuristics.

Keep in mind that saying such things:

    "... considered Invalid"

is an heuristic.

    "Treat as If unsigned"

is an heuristic, and by its very virtue it is helping to define "rules" for
local policy that quite frankly won't make send when the goal is to general
control, dare I say, "mail pollution."

The problem I have is that what you are proposing isn't a protocol.  In my
view, what is being confused is "real mechanical" deterministic protocol
concepts such as:

     - Syntax failures,
     - Incorrect usage,
     - Unauthorized usage,
     - Not honoring protocol attributes, (i.e, expiration x=)
     - Interoperability failures,

etc, etc, etc.

When the base is written so vague for the sake of purity and simplicity, it
promote chaos and confusion and inconsistencies down the road.

What is patently different now is that we want domains to inherit a new
responsibility by signing messages.  To what end when we have a spectrum of
different verifier behaviors?  Is there no risk here for the domain?  Why
would it want to put its reputation on the line here?

You need a baseline here where all verifiers are expected to honor and
support.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com