[ietf-dkim] Not exactly not a threat analysis
Dave Crocker
dhc at dcrocker.net
Mon Aug 22 08:41:27 PDT 2005
On Mon, 22 Aug 2005 08:12:33 -0700, Dave Crocker wrote:
> On Fri, 19 Aug 2005 23:33:11 -0400, Keith Moore wrote:
> > It shouldn't be an either-or choice. The author should be able to sign
> > the message indicating that he wrote the content (so that a recipient can
> > verify that yes, it really was written by who it says), and the list
> > should be able to sign the message to indicate that the message was
> > forwarded via the list (so that a recipient can verify that yes, the
> > message really did come from the list).
>
>
> This describes two different semantics for a DKIM signature. Where does the
> current DKIM specification provide for such distinction in the semantics, so
> that it can be reliably and accurately interpreted by a verifying agent?
Does this mean that you are proposing an enhancement to the DKIM goals (and,
therefore, the specification) to provide a means for a signer to indicate their
semantic "intent" or "meaning" in doing the signature?
If yes, how? If no, then please clarify what you are proposing that changes
DKIM.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
More information about the ietf-dkim
mailing list