[ietf-dkim] Re: ISSUE: Better definition of "DKIM signing
complete" required
Charles Lindsey
chl at clerew.man.ac.uk
Fri Nov 24 07:53:11 PST 2006
On Fri, 24 Nov 2006 11:17:01 -0000, Stephen Farrell
<stephen.farrell at cs.tcd.ie> wrote:
> Frank Ellermann wrote:
>> Another obvious case which should be explicitly mentioned in the
>> 'DKIM-signing-complete' explanation is SenderID spf2.0/pra: Even
>> if we don't care about PRA, a PRA == 2822-From is a normal case.
>> A domain claiming to be 'DKIM-signing-complete' has to be sure that
>> there's some DKIM-signing agent on _all_ routes before one of their
>> spf2.0/pra PASS or NEUTRAL IPs. Otherwise they screwed up, causing
>> harm for mails "from" their domain.
>
> I think that last is a fair point. But I'm still not convinced that
> it's up to the DKIM WG (now) to figure out all details of all such
> gatewaying cases, which is where we'd be heading if we start on that
> road.
I think it is up to the DKIM WG to try to spot all the things that are
likely to break when DKIM starts to be implemented, and to do what it can
in its drafts to forestall them.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim
mailing list