[ietf-dkim] A more fundamental SSP axiom
Steve Atkins
steve at blighty.com
Fri Aug 4 10:09:58 PDT 2006
On Aug 4, 2006, at 10:04 AM, Michael Thomas wrote:
> Steve Atkins wrote:
>
>>
>> On Aug 4, 2006, at 9:19 AM, Michael Thomas wrote:
>>
>>> John L wrote:
>>>
>>>> I REALLY do not want an SSP that says "I sign everything, and
>>>> here is my estimate on a 0 to 10 scale of how much you should
>>>> care."
>>>
>>>
>>> I assume that you'd complain if it boiled down to a single bit?
>>>
>>> 0: "mail from this domain may transit manglers, adjust accordingly"
>>
>>
>> 0: "I sign some mail"
>
>
> Incorrect. They are *not* the same statement. "some" may mean
> in reality (and often does) "none". Versus our domain signing every
> piece of legitimate mail even if some of the signatures get broken
> due to mailing lists.
>
If the signature is broken, the mail is not signed, so as far as the
recipient is concerned, they're the same. If you prefer the phrasing
"Some mail from me is signed", that works for me.
>>> 1: "the signature should always be intact"
>>>
>>
>> 1: "I sign all mail"
>
> No. "I sign all mail" is merely a statement of fact. "should always
> be intact"
> is predictive. They are *not* the same.
As far as the recipient is concerned, they are. If you prefer
the phrasing "All mail from me is signed", go with that.
(The underlying problem of DKIM+SSP being unable to avoid
false-positive rejections in almost all cases if "I sign all mail" is
asserted is becoming clear here).
Cheers,
Steve
More information about the ietf-dkim
mailing list