[ietf-dkim] All done on potential SSP requirements?
pbaker at verisign.com
Fri Aug 4 06:16:49 PDT 2006
Hang on a second.
We have requirements here for a policy mechanism. That's not the same as requirements for the SSP record.
The implementation of the policy mechanism may be concentrated in the policy record or split between the policy record and the key record.
And don't try to claim that the key record is final, it is not. We were not allowed to discuss the policy aspects of the key record at the time of base. It was pointed out at the time that the key record is also part of the policy system and we were told then that we could discuss those issues now.
I don't think we need to modify base but it does look to me as if we are going to possibly need to add features into the key records.
I don't think that is a serious problem either. We just end up with descriptions split between two documents. We can always refactor the documents at draft if people want the key record description
One requirement that MUST appear in the document if the resulting spec is to clear the security review is as follows:
It must be possible for Alice to publish a key record that describes
use of features such as canonicalization, digest or signature algorithm
that are not widely supported without negating the value of the policy
I will explain why that is necessary in my next post.
> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org
> [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Stephen Farrell
> Sent: Friday, August 04, 2006 7:00 AM
> To: ietf-dkim
> Subject: [ietf-dkim] All done on potential SSP requirements?
> We've batted about a load of stuff this week on SSP requirements.
> Some of it was new, some repeated from earlier rounds of
> discussion, but all of stuff we needed to go over. But I
> guess that Mike now has *plenty* of material to write up his
> reqs-00 I-D (which he'll hopefully still manage to keep very short:-)
> Rather than try resolve our different opinions based on these
> list threads, I reckon we'd probably be better off waiting to
> and try get consensus on requirements until after we've seen
> them written down, so I suggest we let this week's discussion
> rest for a little bit while Mike writes.
> However, are there any potential SSP requirements that we've
> not mentioned at all this past week or so?
> NOTE WELL: This list operates according to
More information about the ietf-dkim