[ietf-dkim] Charter bashing...
pbaker at verisign.com
Wed Oct 12 06:07:10 PDT 2005
> > ?? delegation of signing capabilities
> > Disagree
> > This is actually a show-stopper must have for the ESTG
> group. Most of
> > the commercial participants in the group use outsourced
> email senders
> > for at least some marketting campaigns. Third party signature
> > capability is actually a differentiator against SPF.
> Well, in that case I want to see some charter text which
> stops us from defining a full-blown authorization
> infrastructure. My intent was to stop us from defining such a
> protocol to allow one to authorize delegation, but that
> verifiers could of course recognize a delegation if they so
> choose - its just that the protocol which informs the
> verifier about the delegation wouldn't be part of dkim.
OK this sounds more like saying we are not going to support the
provisioning protocols for delegation. I agree here.
What people do consider necessary is a policy tag on a key record that
specifies something like 'this key can only sign email from
marketing at example.com so that the bulk mailer hired to do a promo can't
then impersonate the CEO.
More generally I think that instead of enumerating what we won't do we
should enumerate what we will do explicitly and say we will not do
More information about the ietf-dkim