[ietf-dkim] user level ssp
Hallam-Baker, Phillip
pbaker at verisign.com
Thu Sep 7 06:53:03 PDT 2006
What is the difference on the recipient side between 'I sign no mail' and 'I sign some mail'?
The recipient will not look at the policy record if there is a valid signature and if there is no signature the fact that it might have been signed is irrelevant.
The only policy that has use to a recipient is to know that every message without exception is signed. Otherwise there is no utility in the policy record.
> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org
> [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Wietse Venema
> Sent: Thursday, September 07, 2006 7:23 AM
> To: ietf-dkim at mipassoc.org
> Subject: Re: [ietf-dkim] user level ssp
>
> Hallam-Baker, Phillip:
> > I think it is entirely likely that bigbank.com would have a
> situation
> > where the mail servers for its east coast offices were adding
> > signatures but the ones for the west coast were not. The
> part that is
> > less easy to see is whether there is value to the short
> term fix. It
> > is probably easier to just do the deployment.
> > But it is not certain that this will be the case.
>
> This hypothetical bank can use the hypothetical "I sign some
> of my mail" policy until the DKIM roll-out is complete, and
> then transition to the "I sign all my mail" policy.
>
> A per-user mechanism is not the obvious solution for this problem.
>
> Wietse
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
>
More information about the ietf-dkim
mailing list