[ietf-dkim] Delegated signatures in real life
Hector Santos
hsantos at santronics.com
Wed Aug 30 07:50:06 PDT 2006
----- Original Message -----
From: "John Levine" <johnl at iecc.com>
To: <ietf-dkim at mipassoc.org>
Cc: <ietf-dkim at kitterman.com>
Sent: Wednesday, August 30, 2006 10:28 AM
Subject: Re: [ietf-dkim] Delegated signatures in real life
> Keep in mind that DKIM, unlike SPF, requires the active
> participation of whoever runs your outgoing mail server
> to apply signatures, unless you are enough of a weenie
> to run a signing engine in your MUA and do your own key
> management.
Exactly, so unless you have a written, verbal contract, TOS or what have
you, signing mail on the behalf of the 1st party, masquarading as the 1st
party or as the 3rd party has some serious implications.
Unless there is some prior agreement or authorization, you're opening up a
can of worms.
And what if the MUA weenie is signing mail? How is his or her ISP going to
handle that? Just blindly resign mail again? Why? For what purpose?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
More information about the ietf-dkim
mailing list