From: Charles Lindsey (chl@clw.cs.man.ac.uk)
Date: Fri Jan 04 2002 - 11:54:47 CST
In <8G86Sq2ocDB@3247.org> list-ietf-wg-apps-usefor@faerber.muc.de (Claus Färber) writes:
>I believe that the best solution is to:
>. warn software writes of ISPs that do add a Sender header.
Indeed. That is exactly what the paragraph that John Stanley is objecting
to does.
>. warn ISPs of the privacy leakage that occurs through the
> insertation of the Sender header AND direct them a better
> solution (e.g. using an ENCRYPTED posting-account parameter for
> an Injector-Info header, section 6.19.1.2).
And there is a NOTE just before 6.19.1.1 that is supposed to cover all
that (note that this text has changed since draft.06 - I posted the latest
version a couple of weeks back).
> The warning should also be attached to the wording of 6.19.1.3.
6.19.1.3 is within the scope of that general warning, so I think it is
covered.
Of more interest is whether we need a similar warning in the section
dealing with the Sender header itself.
Note that the overall policy I am trying to follow is that our standard
should try to be neutral on the extent to which injectors do or do not
identify their posters. We provide the various tools, we point out that
there are pros and cons with the various policies and that there is a
balance to be struck, but we leave it to the the net-politicians to try to
control what is actually done.
-- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Fax: +44 161 436 6133 Web: http://www.cs.man.ac.uk/~chl Email: chl@clw.cs.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5