From: Russ Allbery (rra@stanford.edu)
Date: Fri Jan 12 2001 - 17:21:31 CST
Brad Templeton <brad@templetons.com> writes:
> >> NOTE: The use of ".invalid" is to provide an aid to mail systems so
> >> that addresses deliberately intended to be malformed can be
> >> identified and delivery aborted. User agents MUST identify such
> >> addresses and require the user to alter the address when attempting a
> >> personal email reply. Injecting agents that have authentication
> >> information MAY choose to enforce the From-content based on the
> >> poster's authenticated identity.
> There is an interoperability problem if a user puts an email into a
> message which is unreplyable and does not indicate it.
That's not the situation we're currently discussing (see above). This
portion of the text has nothing to do with that case; it's dealing with
the behavior of a news reading client that also can send mail when
confronted with an e-mail address that ends in .invalid.
> Injector info remains a redundant header. The path line contains the
> injector's identity and the tail entry after it is the appropriate place
> for (non-identifying) material on the poster's identity.
That's something that we've previously discussed. I would prefer to see
that information in a header rather than in the path tail. I don't think
it's accurate to say that Injector-Info is a redundant header; it's
correct to say that either the path tail should be used *or* Injector-Info
should be used and specifying both is redundant.
> It is a violation of important privacy principles to put truly
> identifying information into the header such as an IP address or email
> userid.
> Sites may decide they wish to violate their user's privacy rights and
> that is between them and their users. But for an IETF standard to in
> any way demand or encourage it is unacceptable.
Based on the above, I can only assume that you've not read the current
text for the Injector-Info header, which explicitly deals with this
issue.
> The standard can say that a *token* may be placed in the article by the
> injector which can be used by the local administrators to identify the
> actual poster for discipline.
And it does, in fact, say exactly that.
> If this standard puts in anything requiring or encouraging a header
> similar to nntp-posting-host (or injector-info doing the same thing) the
> EFF will probably lodge a protest against it.
I think you're getting a little bit carried away.
-- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>