--On Sunday, 01 January, 2006 15:49 -0800 Douglas Otis <dotis@xxxxxxxxxxxxxx> wrote: >... > The risks related to interoperability will more likely result > from assuming authorization authenticates the source. This > authorization strategy may benefit larger domains, but will > be corrosive to goals of interoperability and integrity. To > avoid the misapplication of this mechanism, there are > suitable alternatives to authorization for the DKIM effort. > DKIM offers a significant value without authorization to > establish expectations. Not endorsing authorization schemes > also discourages possible burden-shifting of the short- > comings of DKIM. Hopefully, not allowing this tactic will > lead to a better, safer, and far more fair solutions. Indeed. And, along the lines of my response to John, and to Dave's request to be specific, that sort of analysis and description is _precisely_ what I believe should be required to be written into text, get WG rough consensus on its appropriateness and accuracy, and then make its way into the WG's deliverables. If agreement on such comments can be reached, I believe that such a requirement is reasonable and not particularly burdensome. If such agreement cannot be reached, then I think DKIM has much more serious problems about applicability and the definition of the problems being solved than whether or not this is required. john _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf