On Sun, Jan 24, 2021 at 4:25 PM Brotman, Alex <Alex_Brotman= 40comcast....@dmarc.ietf.org> wrote:
> Some time ago, an issue[1] was brought to the list where which DKIM(s) > being reported is not clear in RFC7489 [2]. There was a short discussion, > though no clear resolution before conversation trailed off. It seems like > there were points that may need to be discussed. One was whether the > reporting SHOULD report all signatures, regardless of alignment or > validity, or perhaps just the one that aligns (if there is one). There was > also another question if there should be a limit to the number of > signatures reported so that it remains sane. > A warning about use of "SHOULD" (or "RECOMMENDED") with respect to protocols: Text saying "implementers SHOULD do foobar" presents the implementer with a choice. If you're going to say that, you need to explain the choice; in particular, an implementer should have some idea of the circumstances under which she might legitimately not do what it says and what the implications of doing so are with respect to interoperability. A bare SHOULD, meant to be hand-wavy like "you really ought to do this, but you don't actually have to if you don't want to" is likely to draw attention. I've been kind of picky about this lately during IESG Evaluation. In this case, "reporting SHOULD report all signatures" -- why would you not? -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
