Re: [Ietf-message-headers] Re: Jabber-ID header field

Peter Saint-Andre <stpeter@jabber.org> Wed, 20 September 2006 10:51 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GPzfr-0007zM-3y; Wed, 20 Sep 2006 06:51:27 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GPzfo-0007zG-PJ for ietf-message-headers@ietf.org; Wed, 20 Sep 2006 06:51:25 -0400
Received: from atlas.jabber.org ([208.245.212.69]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GPzfn-0005X7-Hm for ietf-message-headers@ietf.org; Wed, 20 Sep 2006 06:51:24 -0400
Received: by atlas.jabber.org (Postfix, from userid 1005) id EB76521A37C; Wed, 20 Sep 2006 05:51:18 -0500 (CDT)
Date: Wed, 20 Sep 2006 05:51:18 -0500
From: Peter Saint-Andre <stpeter@jabber.org>
To: Graham Klyne <GK-lists@ninebynine.org>
Subject: Re: [Ietf-message-headers] Re: Jabber-ID header field
Message-ID: <20060920105118.GA5217@jabber.org>
References: <45071704.6020400@jabber.org> <4509D783.404@jabber.org> <451111D5.3060302@ninebynine.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <451111D5.3060302@ninebynine.org>
Jabber-ID: stpeter@jabber.org
User-Agent: Mutt/1.5.6+20040907i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb
Cc: ietf-message-headers@ietf.org
X-BeenThere: ietf-message-headers@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion list for header fields used in Internet messaging applications." <ietf-message-headers.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-message-headers>, <mailto:ietf-message-headers-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-message-headers@ietf.org>
List-Help: <mailto:ietf-message-headers-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-message-headers>, <mailto:ietf-message-headers-request@ietf.org?subject=subscribe>
Errors-To: ietf-message-headers-bounces@ietf.org

On Wed, Sep 20, 2006 at 11:03:01AM +0100, Graham Klyne wrote:
> Peter Saint-Andre wrote:
> > Graham Klyne wrote:
> > 
> >> It
> >> occurs to me that email clients might be encouraged (required?) to
> >> NOT disclose jabber-id headers to any particular recipient without
> >> first obtaining the sender's permission (a bit like the MDN response
> >> requirements).
> > 
> > So something like the following?
> > 
> >    An email user agent that is capable of including the
> >    Jabber-ID header field in outgoing email messages MUST
> >    provide an option for its user to disable inclusion of
> >    the Jabber-ID header field generally, on a per-message
> >    basis, or on a per-recipient basis.
> 
> That certainly addresses the point I raised, and it usefully draws attention to
> a possible remedy for the issue raised.  One might debate MUST/SHOULD
> distinctions here -- I lack a clear opinion on this.

I think should is enough. The text I have in my working copy reads as
follows:

***

Advertising XMPP addresses in email headers may make it easier for
malicious users to harvest XMPP addresses and therefore to send
unsolicited bulk communications to the users or applications represented
by those addresses.  Care should be taken in balancing the benefits of
open information exchange against the potential costs of unwanted
communications.  An email user agent that is capable of including the
Jabber-ID header field in outgoing email messages should provide an
option for its user to disable inclusion of the Jabber-ID header field
generally, on a per-message basis, or on a per-recipient basis.

***

Peter


_______________________________________________
Ietf-message-headers mailing list
Ietf-message-headers@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-message-headers