[ietf-dkim] Re: ISSUE: Better definition of "DKIM
signing complete" required
Stephen Farrell
stephen.farrell at cs.tcd.ie
Fri Nov 24 08:13:20 PST 2006
Charles Lindsey wrote:
> On Fri, 24 Nov 2006 11:17:01 -0000, Stephen Farrell
> <stephen.farrell at cs.tcd.ie> wrote:
>
>> Frank Ellermann wrote:
>
>>> Another obvious case which should be explicitly mentioned in the
>>> 'DKIM-signing-complete' explanation is SenderID spf2.0/pra: Even
>>> if we don't care about PRA, a PRA == 2822-From is a normal case.
>>> A domain claiming to be 'DKIM-signing-complete' has to be sure that
>>> there's some DKIM-signing agent on _all_ routes before one of their
>>> spf2.0/pra PASS or NEUTRAL IPs. Otherwise they screwed up, causing
>>> harm for mails "from" their domain.
>>
>> I think that last is a fair point. But I'm still not convinced that
>> it's up to the DKIM WG (now) to figure out all details of all such
>> gatewaying cases, which is where we'd be heading if we start on that
>> road.
>
> I think it is up to the DKIM WG to try to spot all the things that are
> likely to break when DKIM starts to be implemented, and to do what it
> can in its drafts to forestall them.
No. "All" is not reasonable. (Obvious, non-controversial things are
easy, of course, but I've not seen many of those.)
As chair, if someone wants to write up a personal draft explaining
such details then I'd be fine with the group considering its adoption.
(Or inclusion in the overview document.)
I am not fine with considering an unbounded number of possibly
controversial protocol interactions before doing something.
Stephen.
More information about the ietf-dkim
mailing list