Ahoj, Dňa Tue, 7 Mar 2023 12:00:35 +0100 Alessandro Vesely via mailop <mailop@mailop.org> napísal:
> The RFC was written at a time when there was not so much experience > with DKIM and DMARC wasn't there. In that case, the RFC have to be in proposed state, until enough experiences are gathered. But we see it in many cases, quick, quick, to have at least something and problems we will solve later. But this latter either never happen or is near impossible then to apply and finally someone develop new standard (XKCD about this exists)... > Its Section 5.4.1 includes List-* > fields, and unfortunately most guides refer to that section for > guidance. No, it is not "list of headers", it is "list of examples of headers", it states: "The basic rule for choosing fields to include is to select those fields that constitute the "core" of the message content." If i remember properly, the exact list of headers was in some previous version RFC. This examples list has not MUST, nor SHOULD, nor anything other (except From header), it is just example... That i consider as good definition (for RFC), but many people want to have exact list (to not need to use own head), but one list cannot server all email purposes/usage. BTW, there is too: "Similarly, "In-Reply-To" and "References" might be desirable to include if one considers message threading to be a core part of the message." IMO exact case of many "normal" ML as this one, but not eg. for marketing "ML", where replies are not expected... > If signatures are meant to protect the meaning of messages, rather > than their hopping from a server to the next, only meaningful header > fields should be signed and possibly oversigned. That is From:, > Subject:, Author: if used, perhaps To:, Cc: and Reply-To: if they are > considered significant. This more or less corresponds to the idea: "choose headers, which are important", and i understand RFC exactly in this mean. IMO, one have to oversign List-* headers only in case, that message have not be resend by (other) ML. But then particular ML rewrites From header and it becomes pointless, but in some "private/closed" ML can be desired. > Someone should write a revised best practice. I agree! But again, here is as many email flows, that it cannot be published as RFC, as it will get neverending update flood and will be obsolete from start ;-) Only solution for this i see something as HTML is now, i name that (raw) "flying standard", without exact number and regularly updated :-) regards -- Slavko https://www.slavino.sk
pgpcaBBbv9MPW.pgp
Description: Digitálny podpis OpenPGP
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop