[mail-vet-discuss] secdir review of
draft-kucherawy-sender-auth-header-11.txt (fwd)
SM
sm at resistor.net
Thu Jan 31 17:24:27 PST 2008
Hi Murray,
At 15:14 31-01-2008, Murray S. Kucherawy wrote:
>Why? It seemed to me at the end that he didn't feel the whole idea
>should be tossed out as long as I can add commentary on the five
>major risks he enumerated at the end. I've already sent him back
>some proposed wording changes that cover each of those concerns, but
>I probably won't hear back until next week as to whether or not
>those changes will be sufficient to earn an "all clear".
I find this header useful and I don't think the idea should be tossed
out. Some of the threats outlined are not specific to this header.
Implementors may need some guidance on how to handle this header,
especially when it should reach the MUA. The falls more under usage
than security considerations. I'll comment once the new version of
your draft is available.
Regards,
-sm
More information about the mail-vet-discuss
mailing list