[ietf-dkim] A more fundamental SSP axiom
deepvoice at gmail.com
Fri Aug 4 10:24:22 PDT 2006
On 8/4/06, Michael Thomas <mike at mtcc.com> wrote:
> Steve Atkins wrote:
> > On Aug 4, 2006, at 9:19 AM, Michael Thomas wrote:
> >> John L wrote:
> >>> I REALLY do not want an SSP that says "I sign everything, and
> >>> here is my estimate on a 0 to 10 scale of how much you should care."
> >> I assume that you'd complain if it boiled down to a single bit?
> >> 0: "mail from this domain may transit manglers, adjust accordingly"
> > 0: "I sign some mail"
> Incorrect. They are *not* the same statement. "some" may mean
> in reality (and often does) "none". Versus our domain signing every
> piece of legitimate mail even if some of the signatures get broken
> due to mailing lists.
You are missing my point: What good are the keys if the ones you are
handing me are to a Waffle House or 7-11?
> >> 1: "the signature should always be intact"
> > 1: "I sign all mail"
> No. "I sign all mail" is merely a statement of fact. "should always be
> is predictive. They are *not* the same.
I was basing this comment on my previous comment that "I sign some
mail" is pointless. So if it is pointless, you now have a binary
choice. I sign all mail or I don't. If you don't, no need to publish a
record. Which as logic would have it, would mean that if you did have
a record, you sign all mail.
More information about the ietf-dkim