[ietf-dkim] Charter bashing...
Hallam-Baker, Phillip
pbaker at verisign.com
Wed Oct 12 06:07:10 PDT 2005
> > ?? delegation of signing capabilities
> >
> > Disagree
> >
> > This is actually a show-stopper must have for the ESTG
> group. Most of
> > the commercial participants in the group use outsourced
> email senders
> > for at least some marketting campaigns. Third party signature
> > capability is actually a differentiator against SPF.
>
> Well, in that case I want to see some charter text which
> stops us from defining a full-blown authorization
> infrastructure. My intent was to stop us from defining such a
> protocol to allow one to authorize delegation, but that
> verifiers could of course recognize a delegation if they so
> choose - its just that the protocol which informs the
> verifier about the delegation wouldn't be part of dkim.
OK this sounds more like saying we are not going to support the
provisioning protocols for delegation. I agree here.
What people do consider necessary is a policy tag on a key record that
specifies something like 'this key can only sign email from
marketing at example.com so that the bulk mailer hired to do a promo can't
then impersonate the CEO.
More generally I think that instead of enumerating what we won't do we
should enumerate what we will do explicitly and say we will not do
anything else.
Phill
More information about the ietf-dkim
mailing list