Murray S. Kucherawy wrote: >> -----Original Message----- >> Its just really odd that the we need to hide the facts in RFC4871bis >> but not in RFC5585 (DKIM Architecture) and RFC5863 (DKIM Deployment >> Guideline)? > > I've lost track of how many times and how many different ways > it's been explained that nothing is being hidden. I'm going to > give up now.
If nothing is being hidden, then why not explicitly add AUID and ODID (or RFC5585.From.Domain) to the Output Summary? Whats the danger? Maybe its not a "Output Summary?" Here are some definitions for a summary [1]: A summary, synopsis, or recap is a shorter version of the original. Such a simplification highlights the major points from the much longer subject, such as a text, speech, film, or event. The purpose is to help the audience get the gist in a short period of time. An abstract or a condensed presentation of the substance of a body of material; concise, brief or presented in a condensed form; Performed speedily and without formal ceremony etc. What you are proposing is just the redundant "Mandatory Output" information, and not a "DKIM Output Complete" summary that reflects current implementations. >> But in the mean time, implementors are not listening. They are looking >> at other things especially the "author thing" we must burn into the >> signature. > > Which implementers, and why aren't they saying anything? Well you, I did and many in the archives has say things, and many have stated very clearly the ODID is considered a very fundamental part of DKIM. RFC5585 reflects how signing practices is part of the expected DKIM Architecture. The two open source APIs: OpenDKIM ALT-N has support for signing practices. Systems using A-R to report DKIM results are using AUID, such as Dave's MLM. And I know our DKIM product has direct support for the design described in RFC5595 including A-R with all four outputs (status, SDID, AUID, ODID) as well as the ADSP extensions. The biggest software company, Microsoft, has announced ADSP support and that means ODID output is required. How can that be not significant? Yes, it is getting tiresome because it is real hard to understand why adding the obvious to the Output Summary is a problem. What harm is there? None that I can see. Why isn't there any mediated compromise to settle these 5-6 years conflict? In my view, your proposed section 1.1 DKIM Architecture Documents and with adding the AUID and ODID as part of the output to make all the documents protocol consistent will settle the issue, in my view, for all parties. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com [1] http://www.google.com/search?rlz=1C1CHMG_enUS291US310&q=define:summary _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html