[ietf-dkim] "I sign everything" is not a useful policy
dotis at mail-abuse.org
Sun Aug 6 09:43:37 PDT 2006
On Aug 6, 2006, at 8:26 AM, Michael Thomas wrote:
> Scott Kitterman wrote:
>> On Sat, 05 Aug 2006 19:21:59 -0700 Dave Crocker <dhc at dcrocker.net>
>>> A signer should not direct the evaluator what is to be done with
>>> that information.
>> Is anyone arguing that they should? Setting expectations does not
>> equal direction.
> Yes, a surprising number of people are. There must be rent in the
> universe because it's been odd how strangely aligned my thinking
> has been with Dave's, even as I struggle to come up with the right
> way to describe this. I'm hopeful about the formulation of a
> signer's expectation of verification success rather than "I sign
> everything" finesses this.
I agree with Dave, although it is easy to slip, and I am perhaps just
as guilty as others. It would be good to keep the policy definitions
based upon just the domain-of-policy actions. There should be a
section that reviews what might be expected verifier actions based
upon these definitions. Expectations will be more realistic and
review will be easier when the defined set of domain-of-policy
actions are not merged with that of the verifiers actions from the
More information about the ietf-dkim