[ietf-dkim] Is accountability singular?
Jim Fenton
fenton at cisco.com
Wed Aug 24 11:23:50 PDT 2005
domainkeys-feedbackbase02 at yahoo.com wrote:
>I like the "author" but I don't like the forwarder? I like the forwarder, but I
>don't like the "author"?
>
>What about thee accountable parties, "author", first forwarder, List?
>
>What about five accountable parties...
>
>Sure, we can conjure up some cases where two _might_ be useful to a subset of
>interested recipients, but even then is the plan to let each
>implementor/recipient decide on the relevance of each accountable party or will
>their be guidance, BCP, standards?
>
>
I view DKIM as a service that the signer does for the verifier/recipient
to help them evaluate the message. Someone pointed out (I need to find
that message...) that some people will be interested in messages from a
mailing list because they want to read everything on the list. Others
will be interested in specific authors. I think this is the two
accountable parties case you refer to.
Again, this is a service for the verifier and recipient. There will
probably be BCPs describing what works well in practice (once we figure
out what that is) but there is no way of requiring a verifier/recipient
to do anything particular, just as there is currently no way to require
a recipient to read their mail, generate return receipts, or generate
bounce messages for dropped mail.
>In short, will signers be left in the dark wrt how relevant their particular
>accountability claim is to subsequent recipients?
>
>
Mostly. When reputation services arise a signer will be able to check
their reputation.
>Should signers give directions to forwarders not to sign, so as not to taint
>the "author" accountability? Seems like sometimes you might want that,
>sometimes you might not.
>
>
I don't see how a forwarder's signature would ever taint the "author"
accountability, unless the forwarder breaks the original signature. Can
you explain?
-Jim
More information about the ietf-dkim
mailing list