[ietf-dkim] Collection of use cases for SSP requirements
mike at mtcc.com
Fri Nov 17 06:47:32 PST 2006
Wietse Venema wrote:
> Hallam-Baker, Phillip:
>> FOR DKIM BASE:
>> We have three possible outcomes: Definitely Genuine, Definitely
>> Fake and Undetermined
>> [We can if people think there is value further break down
>> Undetermined according to probability but bear with me]
> My understanding is that DKIM-base can produce only two results:
> signature verification succeeds or signature verification fails.
> I may be mistaken, but it seems to me that expanding these two
> results into >2 involves information outside DKIM-base.
Part of the problem here, I think, is that it depends on who the result is
for. From a forensics standpoint, broken signatures are clearly a lot
different than no signature. For your average automaton, however, they
*never* be taken as different if the difference leads to preferential
of broken/none (or vice versa).
The other part of this is that it's rather misleading to say that the
of a positive signature verification is that it verified. Once it
a wealth of information both in the signature header and the rest of the
that is now known to be tied to the signing entity. How that information
is outside of the scope of the DKIM work, but we shouldn't be giving the
impression that it doesn't exist, or that it is improper to take
or anything else like that.