DKIM TTPs (was Re: [ietf-dkim] editorials and nits)
stephen.farrell at cs.tcd.ie
Wed Jul 5 16:41:34 PDT 2006
Douglas Otis wrote:
> On Jul 5, 2006, at 2:36 PM, Paul Hoffman wrote:
>> At 12:44 PM -0700 7/5/06, Douglas Otis wrote:
>>> DKIM generally represents a domain-wide entity. A trusted third
>>> party (TTP) establishes trust between two parties when both trust the
>>> third party. For DKIM, the TTP would be the signing domain verified
>>> by DNS.
>> This is completely wrong, and goes against nearly everything that this
>> WG has been working on. The signing domain is *not* trusted.
>> Does anyone other than Doug think that it is?
> You have misunderstood what was being said.

Clash of terms there. The DNS, as used by DKIM, is a TTP in
crypto-protocol terms according to the well-understood use of that
term. I think I first heard such a definition 20 years ago.

Doug is inventing a new DKIM-specific way to interpret the term TTP, as
an application layer entity (or thereabouts).

I think the WG is much better off sticking with existing definitions
where they're as well understood as this one.