[ietf-dkim] RE: I think we can punt the hard stuff as out of scope.

[Hector Santos]

Stephen Farrell wrote:
> 
> Hector,
> 
> You are correct that there is no MUST NOT. But the fact
> that we excised the MUST is significant. I interpret that
> as follows:
> 
> - Its ok for someone to develop a proposal for how nomail
> could be included, so long as it doesn't get in the way
> of the meeting the MUST & SHOULD requirements, which we
> do first (that's sort-of what PHB suggested yesterday, I
> think);
> - its not ok to hold up work on the basis that nomail
> isn't included.
> 
> Later in your mail you seem to say that there was some
> ambiguity when we decided the above. I totally disagree
> with that - the mail archive is very clear.

First, I disagree. It wasn't very clear.  The mere fact you are still 
having this issue, proves the point.   Its common sense, if I don't send 
mail (signed or unsigned) with a particular domain, then the DKIM 
VERIFIER and DKIM DOMAIN should be subject to this type of abuse which 
will be naturally be very common which people begin to switch on DKIM.

There were decisions made offlist and in the chat room where there was 
clearly mis-representation.

Second,  I take offense to the insinuation that I am holding up work 
here.   The current approach is whats holding things up. Not me. We are 
now talking about MX methods, SPF and SENDERID methods, with incorrect 
statements that there are well established current methods to achieve 
the NO MAIL policy, or that it is the same as "STRICT", when it is not. 
  If these the basis for eliminating NOMAIL, then the issue was 
presented incorrectly, the straw poll was based on incorrect poising of 
the questios.  This approach was wrong and that is keeping this group 
from moving on.

-- 
Sincerely

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com