[ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]
Stephen Farrell
stephen.farrell at cs.tcd.ie
Fri Jan 13 15:23:09 PST 2006
Hi Doug,
Douglas Otis wrote:
> Stephen,
>
> I will concede the term "policy" generally describes the SSP record.
Good. I think it's easier if we use the same terms.
> [...] Any "open" policy exposes the email-address
> domain owner to unjustified complaint traffic.
No more than could happen today. I don't see any reason why complaints
will rise that couldn't happen right now.
> However, "closed"
> policies also disrupt common email practices, and therefore are not
> suitable for general use.
Probably not. But as I understand it, those are designed for special
(and not general) cases.
> A large domain has an advantage that a smaller domain does not.[...]
I don't see how we can design a protocol to level that playing
field.
> ... This problem in general also runs afoul of a desire to
> not force the publication of "open" policies creating a paradox.
I don't see any paradox unless you want one domain with both
an open and a closed policy.
> There is a practical alternative to the SSP policy approach described in
> the dkim-options that would entail far far less overhead and would not
> impose the need for "open" policies.
I'll take a look.
> On Jan 12, 2006, at 6:17 AM, Stephen Farrell wrote:
>
> Some small nits then:
>
>> "Policies can be open or closed. Open policies define a set of
>> conformant messages and are silent about other messages. Closed
>> policies define the set of conformant messages and other messages do
>> not conform to the policy.
>
> Policy is not checked when the email/signing domains match. Policy is
> therefore silent when email/signing domains match. When email/signing
> domains do not match, SSP indicates whether unsigned or foreign signed
> messages are acceptable. With respect to open policies, _all_ such
> messages are conformant and acceptable.
Nope. You're confusing the sender's policy statement with what
the verifier considers acceptable, which is out of scope.
I guess Jim can handle your other wordsmithing changes which
seem fine,
Cheers,
Stephen.