Dave CROCKER wrote: > On 5/4/2011 7:04 AM, Rolf E. Sonneveld wrote: >>> Which documentation makes your above claims? >> Both documents refer to rfc4686, albeit only in the Informative >> References section. rfc4871 refers to rfc4686 only in section >> 8, rfc4871bis in section 8 as well as in section 1.1. >> >> Please provide us some pointers regarding the differences >> between rfc4871 and rfc4871bis in relation to the above statement. > > The claim that rfc4871bis has the goal you claim is yours.
It showed that. Are you suggesting security is not part of DKIM's goal? > So you need to do the work of subtantiating it. The proof of concept was done in the WG consensus built RFC4686 security document. > So far, as you acknowledge, your only reference is quite old, merely > informative, and not a specification. In contrast, rfc4871bis declares > the goal of its specification and it's not the one you assert. Exactly the point, it doesn't reflect current implementation needs yet has inconsistencies where any reasonable engineers can presumed the design is beyond what you attempting to mandate for receivers. > You've now had multiple people responding to this thread with various > explanations why it is off the mark. But there are multiple people who disagree with those explanations and agree Rolf is right on mark. > We should be done. We should of been done long ago. IETF needs to consider why you are having a hard time explaining away the security concerns for almost 5 years now. You need to rethink why reasonable compromising solutions offered should be ignored and rudely shunned out. You need to consider good nature WG participant perspectives to help DKIM better fit receiver needs and considering ODID (and AUID) is compatible with the DKIM goal. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html