Alessandro Vesely <[email protected]> wrote:
>On 12/Mar/12 08:28, Murray S. Kucherawy wrote: >> >> Got a reply: He found the text ambiguous about whether the report >> is generated per signature, or per tag within a signature that went >> awry somehow. >> >> The one-report-per-domain-per-message thing satisfies his concern >> and will clear the DISCUSS. > >The correct clarification is one report per /signing/ domain per >message. If a domain includes multiple signatures in a given message, >they may get a report for each failed one. Since reports are generated based on the purported signing domain it doesn't matter either way. >> The other one is indeed orthogonal. I'd be fine with leaving it in, >> however, unless someone sees a problem with doing so. > >I agree unrecognized tags might be interesting, e.g. as a tool to >monitor verifiers' adoption of new tags. However, if a domain decided >to add such tag, there's nothing they can do about those reports, >except encouraging verifiers to upgrade their software. > >Perhaps, it makes sense to keep "all" the default, but require >rr=all:u to also get unrecognized tags reports. > >Would those reports need to be routed to a different team/script? > >Should they be tagged, say, Feedback-Type: auth-feedback, rather than >auth-failure? > >Just fancying... In the context of this draft, it must be about auth failure. If the signature verified, then it's something else. Absent a compelling reason (and I see no compelling reason), I think altering the definition of all is a mistake. Any future drafts that add new tags can update this one to extend the list off allowable tags (and thus the definition of all). I'd leave unknown tags out. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
