[ietf-dkim] Issue: Requirements #9 NOT REQUIRED for 1st partyvalid
signatures.
Wietse Venema
wietse at porcupine.org
Fri Aug 11 06:03:07 PDT 2006
Stephen Farrell:
> Those are not in conflict. As I read it the requirement states that
> an SSP lookup MUST NOT be REQUIRED (== is OPTIONAL) when a valid
> first party signature is present.
>
> I guess rephrasing it as follows might make you happier:
>
> The Protocol MAY be invoked when a valid first party signature
> is present.
>
> [INFORMATIVE NOTE: The expectation is that most implementations
> will not (always) invoke the protocol in this case.]
>
> IMO those are equivalent, so I don't mind which gets used. Maybe
> others prefer one over the other or don't agree about equivalence?
I prefer the "must not be required" form. I know that it implies
"may perform SSP lookup", but the latter form can more easily be
lobbied into a stronger recommendation for SSP lookup, which is
definitely not what I want.
Wietse
More information about the ietf-dkim
mailing list