> Title : The Minger Email Address Verification Protocol > Author(s) : A. Hathcock, J. Merkel > Filename : draft-hathcock-minger-05.txt
Great. But a fresh date oddity, expired before publication :-) Some observations minus the few simple nits reported by IDnits: s/are therefore often decide/therefore often decide/ (to accept) or maybe "are therefore often forced to accept". Status codes 0..5: Intuitively I'd expect "0" to be "okay". Digest = MD5( secret ":" mailbox ) could attract the attention of security folks, how about using HMAC(x, y) instead of MD5 ? Anonymous mode, is that MD5( ":" mailbox ) or MD5( mailbox ) ? Security: The secret is defined to be 1*50(VCHAR), maybe say at least 16 VCHARs instead of 128 bits. MD5 could handle bit strings if you'd want this, but you want ordinary VCHAR bytes. Frank
