[ietf-dkim] review of draft-ietf-dkim-overview-01

[Eric Allman]

I did a quick read of -overview yesterday and on the whole liked it. 
It's a bit rough, lots of spelling/grammar errors, obviously written 
by different people, needs sections filled in, etc., but it seemed 
like it covered the critical areas.  I'll try to read it in more 
detail soon.

However, there was one sub-thread between EKR and Eliot that left me 
a bit confused:

--On July 11, 2006 10:18:50 PM +0200 Eliot Lear <lear at cisco.com> 
wrote:

>>>>    The owner of the domain name being used for a DKIM signature
>>>>    is declaring that they are accountable for the message.  This
>>>>    means that their reputation is at stake.
>>>>
>>>> I'm not sure I understand what reputation means in this context.
>>>>
>>>>
>>> I believe it would be pedantic to define a commonly used English
>>> word.
>>>
>>
>>
>> I disagree.
>> 1. It's a technical term in the security community, and since
>> there's no reputation service being proposed..
>>
>
> The language was plainly used.  You are, however, raising two
> separate issues: use of the term and whether reputation services
> are in scope.  They are clearly not.  However, that doesn't mean
> that DKIM cannot be used by such services, and it certainly doesn't
> mean that we must never refer to them.  This having been said, I
> still believe the plain language reading connotes an obvious
> meaning.

I thought that the Overview document was supposed to be a 
non-normative introduction (ok, "overview") of DKIM: motivations, 
context, how the pieces fit together, how it fits into the bigger 
picture.  If I'm right, then

(1) using "plain English" is just fine, and hence "reputation" 
doesn't need a formal (normative) definition; and

(2) reputation /is/ in scope of this document, since it speaks to the 
bigger picture.

Have I misunderstood the intent of -overview?  If it is to be a 
normative document then I will suddenly have a /lot/ of comments....

eric