On Mon 28/Oct/2024 21:33:39 +0100 Watson Ladd wrote:
On Mon, Oct 28, 2024 at 12:56 PM Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote:
I agree with John Klensin that DMARC, DKIM and the like are out of scope for SMTP as such. They aren't part of simple mail *transfer* so they don't belong here.
[...]
In fact I'm really confused: paragraph 3 of 7.1 seems to be about DKIM
and the like without explicitly naming it. A reference here would make
the text more understandable, without changing its meaning. I'm having
trouble squaring this with declarations that this is out of scope. I
don't think people are asking for a very comprehensive treatment, but
I do think a discussion that says "here are some imperfect solutions
to the problems left" would be useful, even without a forward
reference to the A/S. I understand not wanting to start a cluster via
a forward reference, but the price of that is having to pull some
small things forward.
Hmm... the 2nd paragraph seems to be about SPF or ARC and the 3rd one about
DMARC, not DKIM which is rather akin to multipart/signed (except that it
disallows additions). Anyway, being more explicit may make that text less obscure.
For DMARC, I wouldn't use the term *misguided*. Troublesome, problematical, or
even defiant would better describe its position. Misguided implies based on
error and going nowhere, which is unfair. Certainly it doesn't make email
secure, but "accompanied by careful handoffs of responsibility in a carefully
designed trust environment" it could. And I saw no better-faring approaches to
email security yet.
Best
Ale
--
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
