[ietf-dkim] Re: Collection of use cases for SSP requirements
nobody at xyzzy.claranet.de
Fri Nov 17 05:01:08 PST 2006
Hallam-Baker, Phillip wrote:
> I am constructing a matrix with the outcomes for my processing algorithm
> and the best algorithms I can construct for the Fenton proposal.
Good, use Hector's matrix for comparison. Hector had those odd "first
party doesn't permit third party signatures" cells, if you drop this
the decision table should be clearer. Third party signatures are the
business of the third party, the sender can't get a veto, that would
force third parties into an expensive "check before sign" situation.
Wrt the requirements we might need some "MUST be clear what the h***
an SSP is talking about" (from, sender, pra, etc. - probably I won't
believe a single word if it's a naive "from" approach, or if it uses
the word "sender" without defining what that might be, spiced with
literal RFC 822 quotes).
It's not the same situation as in BASE, where a valid signature tells
us what it is about. As you have shown in earlier articles the SSP
is mostly interesting for mails without a valid signature.
More information about the ietf-dkim