[ietf-dkim] Re: Requirements comment: Bigbank example description
hsantos at santronics.com
Thu Aug 10 06:55:20 PDT 2006
----- Original Message -----
From: "william(at)elan.net" <william at elan.net>
To: "Hector Santos" <hsantos at santronics.com>
Cc: "Scott Kitterman" <ietf-dkim at kitterman.com>; <ietf-
>> What's wrong with checking each one? I mean, why
>> allow for a loophole?
> Wasn't one of the requirements finite number of queries?
As finite as required I guess.
> If not then I'd like to send email with 100 different
> addresses in From but all within different domains on
> your dns server to 10,000 random people. Want to
> guess how many requests you'll receive?
Maybe there is short circuit?
Maybe I won't even bother with such nonsense multi-address from lines, which
probably is going to break along some down stream anyway. In all honesty,
it is rare to encounter this, IMV.
Also, consider the signature itself. Maybe as long as the hash includes the
From: and the signature is valid, maybe the minimum requirement is that such
a signer doing this must set the first address as the OA domain. In this
case, maybe only the first address is the only that really counts for SSP
purposes. Will that work?
IAC, I don't see this as a show stopper that's for sure. :-)
Hector Santos, Santronics Software, Inc.
More information about the ietf-dkim