Charles Lindsey wrote: > It is evident to me that the whole idea is utterly indefensible.
+1 It's a real issue, but *doumenting* it instead of *fixing* it with obscure scopes suffices for now. Gateway operators need to know it, e.g., GMaNe could educate its users in its FAQ. In addition to the domain owners intending to introduce some kind of strict/reject/discard/whatever *SP, they first have to educate their users. And maybe folks like you have to do something with their mail2news solutions if they want SSP protection. Later, if say NNTP introduces a variant of DKIM in addition to "pgpverify" for its purposes, a document explaining NNTP-DKIM can say what NNTP-*SP is supposed to be, if anything at all. Based on SPF experiences: 1 - Whenever "scopes" were discussed on the SPF list it ended up in 2822-ratholes. 2 - The number of popular "SPF extensions" (modifiers including ways to emulate "scopes" with modifiers) after four years is *zero*. By a stretch of fantasy I can defend op=auth, but that's all after four years. Let's get some KISS *SP out soon, and see what happens. Maybe "experimental" is good enough for now. There are issues where I am far from sure that they'll work. But the lack of *SP scopes isn't one of them. Frank _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html