My reading of the gateway definition does lend itself better to mapping between not-email and email, but it does mention that they can also be present when significantly different administrative policies are present. The motivation draft describes a couple different mutations performed by these services, which are administrative policies and are likely very different from those used by other organizations.
Boundary filter (section 5.5) may also be a reasonable definition for what the motivation draft describes. I'm not entirely clear on what makes the boundary filter definition distinct from the gateway definition though. On Tue, Jul 22, 2025 at 5:27 PM Dave Crocker <[email protected]> wrote: > On 7/22/2025 1:52 PM, Allen Robinson wrote: > > I think the term "security gateway" in that document is meant to describe > a gateway (https://datatracker.ietf.org/doc/html/rfc5598#section-5.4) > that is primarily used to do "security" things to any email sent through > that gateway. Maybe it would be better to drop the word security, rather > than try to define this specific term for this specific subset of gateways? > I don't think there's anything technically special about the security > aspect with respect to how DKIM2 would work in the context of these mail > flows. > > > I am not offering an opinion about whether to use the term, until I see > the folks using it define it. As I said, I could make guesses, but > guessing is counterproductive for technical discussions. > > As for your guesses: > > 1. RFC5598 discusses 'gateway' modification, not filtering. (RFC5598 > does not security issues for email, except in the Security section, and > that's for highlighting issues, more than solving them.) > The construct came from the time of translating between heterogeneous > email service technologies. That said, my personal term for what I believe > the current reference is intended to cover has been 'filtering gateway', > but I am pretty sure that has not developed widespread use. > 2. The word 'security' is often used as if it has technical > substance. It doesn't. It is fine to use as a casual reference to a very > broad set of concerns and technologies. But say that something does > 'security' and there is no way to have any idea what it actually means. > > d/ > > -- > Dave Crocker > > Brandenburg InternetWorkingbbiw.net > bluesky: @dcrocker.bsky.social > mast: @[email protected] > >
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
