Re: Error in RFC 5321 concerning SPF and DKIM
Scott Kitterman <sklist <at> kitterman.com>
2014-07-20 18:53:15 GMT
On Sunday, July 20, 2014 14:43:40 John C Klensin wrote:
> --On Sunday, 20 July, 2014 13:12 -0400 Scott Kitterman
> <sklist <at> kitterman.com> wrote:
> > I think your characterization of SPF is almost correct. It
> > generally concerns itself with only the domain part of the
> > message, but it can be used to check authorization of the
> > local part as well (via macros). If you add a caveat before
> > validate in "does not validate the entire address" such as
> > (perhaps) typically or usually, then I think it would be
> > correct.
> Speaking as editor of the hypothetical/ promised 5321bis, I
> appreciate Dave's bringing the issue here, at least separating
> it from what is or is not a valid erratum.
> FWIW, my editing notes on the pre-5321 I-Ds indicate that the
> current text was not of my invention. I think we should
> concentrate on the substantive issue rather than casting blame,
> so the person who offered the text on which people agreed
> (perhaps by not paying enough attention), will, at least insofar
> as it is within my power, remain anonymous for this discussion.
> However, I note that Dave suggested that people send text. I
> want to reinforce that. I was convinced, and remain convinced
> that the spec if better with pointers to DKIM and/or SPF (and,
> when it is updated, to anything else that may be relevant). I
> believe the consensus when 5321 was being developed was
> consistent with that conviction. So, while I will obvious do
> whatever the group agrees on, my preference is to replace the
> bad sentence(s) with correct ones rather than dropping them.
> Especially if we have gotten this wrong once, I would really
> appreciate very specific text and discussion of that text.
> Statements like the above are, IMO, useful in clarifying the
> issues but not really actionable where the text is concerned --
> I don't want to guess, either about what text should be written
> or about whether people have or have not agreed text as well as
> ideas. So, please, send text that others can comment on and
> that I can eventually just past into the draft.
I think any reference to DKIM better belongs to a hypothetical 5322bis.
Whatever it does, it's not related to the envelope.
I'd be glad to help with this aspect of 5321bis where I agree some reference
to SPF would make sense (for the purposes of Dave's erratum though I think
removing the sentence in question is the best solution).
ietf-smtp mailing list
ietf-smtp <at> ietf.org