[mail-vet-discuss] Re: Auth-Results issues? #8 secton 5.1

SM sm at resistor.net
Wed Apr 19 18:12:59 PDT 2006

Hi Murray,
At 15:39 19-04-2006, Murray S. Kucherawy wrote:
>This was a specific (and perhaps bad) example of what I think is 
>actually a good idea, namely using existing means to communicate 
>results to MUAs that haven't yet (and may never) add support for the 
>A-R header.  How about including something more generic which pushes 
>that idea but makes no specific suggestions?

It's what people might do in practice.  However, such hacks should 
not be encouraged in a RFC or else it becomes the norm.

>implementing a verifier who knows he'll only be protecting Outlook 
>boxes might want to exploit that to draw attention to likely 
>forgeries, until Outlook actually supports A-R.

You could have:

5.1.  Legacy MUAs

    Implementors of this proposal should be aware that many MUAs are
    unlikely to be retrofit to support the new header and its semantics.

    As there is keen interest in conveying the results of sender authentication
    tests to legacy MUAs, other interim means of doing so may be 
necessary while
    this proposal is adopted.


More information about the mail-vet-discuss mailing list