[ietf-dkim] Requirements addition: Policy/Practice record for
first party signatures
Scott Kitterman
ietf-dkim at kitterman.com
Wed Aug 9 10:29:21 PDT 2006
On Wednesday 09 August 2006 13:26, Damon wrote:
> > --- 542,556 ----
> > for signing its messages to a non-related domain in such a way
> > that it does not require active participation by the non-related
> > domain. That is, the published information MUST have a way to
> > ! specify the domains that are allowed to sign on its behalf.
> > ! Signatures by such delagatees SHOULD be treated like First
> > Party ! DKIM signatures.
> >
> > --- 542,556 ----
> > for signing its messages to a non-related domain in such a way
> > that it does not require active participation by the non-related
> > domain. That is, the published information MUST have a way to
> > ! specify the domains that are allowed to sign on its behalf.
> > ! Signatures by such delagatees SHOULD be treated like First
> > Party ! DKIM signatures.
>
> I am thinking that the SHOULD might be a MUST.
>
> > ! specify the domains that are allowed to sign on its behalf.
> > ! Signatures by such delagatees MUST be treated like First Party
> > ! DKIM signatures.
>
Conceptually I agree. If there is one place in the requirements where there
should be a MUST for receiver policy, this is it. However, there seems to be
a reasonable consensus for not specifying receiver policy.
Scott K
More information about the ietf-dkim
mailing list