On Wednesday, February 08, 2012 09:52:36 PM Murray S. Kucherawy wrote:
> This message begins a Working Group Last Call on the above drafts, ending
> February 24th. Everyone please review these drafts (probably alongside the
> AS, which is also in WGLC already) and provide your comments by then.
Comments on the dkim-reporting draft (for the record, I'm happy with the spf-
reporting draft):
paragraph 3.3, items 3/5: It seems to me to be overkill to specify anything
about what should be logged locally. It's not relevant to interoperability
and is really an implementation detail.
paragraph 3.3, item 8: Since ra= for dkim is required, then it seems to me if
ra= is missing, the record has already failed step 5, so step is is redundant.
Recommend removing step 8 and rewording step 5 (taking the liberty of
resolving my previous comment for this item as well):
5. If the TXT content is syntactically invalid (including missing
required tags like ra=), terminate.
In the last hunk of paragraph 3, there is the phrase:
"It might be useful to some Signers to receive such reports. To enable this,
a Verifier could violate the first step above and continue even in the absence
of an "r=" tag."
I know that the rest of the paragraph gets to "Don't do this", but I'm afraid
the current wording is an invitation to mischief. Perhaps something like:
"It might be useful to some Signers to receive such reports, but this use case
is not supported. To support this, a Verifier would have to violate the first
step above and continue even in the absence of an "r=" tag."
Looks pretty good.
Scott K
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
