> -----Original Message----- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] > On Behalf Of Jim Fenton > Sent: Thursday, March 31, 2011 2:34 PM > To: IETF DKIM WG > Subject: [ietf-dkim] Proposal: Removal of AUID (i= tag/value) > > The direction of the DKIM specifications since RFC 4871 have been to > rely less and less on the AUID (agent or user identifier, the i= value > on the signature) to the point that it provides no security benefit. On > the other hand, a malformed AUID can cause a DKIM signature not to > verify, and i= currently adds to the complexity of the DKIM > specification. For this reason, I am formally proposing that the i= tag > and supporting text be removed from 4871bis. > [...]
[as regular participant, not document editor] I find myself undecided, and I need to think about it a little more. I certainly agree that simplifying the specification by removing stuff that provides little use is a good idea, and we've done so with "g=" as well and I'm fine with that. OpenDKIM's statistics show that almost half of signatures use "i=", in contrast to how few used "g=" in other than the default way. Of those that do, only about 35% are using it in other than the default way. So that's at least 17% of signatures overall that are trying to do something with "i=". That's non-trivial. Moreover, it's substantially more than the percentage that appear to be using "x=", but we're not considering removing that here. So it seems like we've got this theory that simpler is better, but we're applying that theory piecemeal. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html