[mail-vet-discuss] Auth-Results issue #4 method=value values
Tony Hansen
tony at att.com
Wed Apr 19 15:42:40 PDT 2006
Murray S. Kucherawy wrote:
> Tony Hansen wrote:
>>> Actually in light of that question, maybe we don't need "neutral" at
>>> all. For methods that have a policy, the verification attempt will
>>> produce one of the other results. For those that don't have some
>>> queryable policy, "neutral" never happens.
>>
>> Well, I've seen people who want to be able to say "X doesn't say
>> anything positive or negative for this message". That's the purpose of
>> neutral.
>
> OK, so how about this for neutral:
>
> The authentication method completed but was unable to reach a positive
> or negative result for the message.
ok.
>> A related question is what value should be put in the headerspec for
>> failure situations? The identity has not been verified, so there's no
>> value to be put into the headerspec.
>
> Why would it change? The method still based its evaluation on something
> (a header value, envelope data, "i=", or something else).
Sometimes it's the lack of something that causes the failure, not the
presence of it. And the value part is supposed to include an extracted
value; what if there *is* no such value?
Consider a message that is missing a dkim-signature header where the
policy says that the header is required; what do you put into the value
part of the headerspec?
Hmmm, that might call for a ptype of "policy". :-)
Tony Hansen
tony at att.com
More information about the mail-vet-discuss
mailing list