[ietf-dkim] Base issue: multiple linked signatures
hsantos at santronics.com
Tue Dec 26 09:45:34 PST 2006
Dave Crocker wrote:
>> The WG did discuss related things, so maybe we'll decide that this was
>> covered and dismissed, but it's a wrinkle that I want to make sure we
>> look at.
> On the other hand...
> There is, therefore, a basic question: Why should a stable
> specification, for which working group consensus has been reached, be
> required to pursue such a topic at this stage?
Because, by far, there are going to be TWO general cases:
- Strong/Exclusive Domain Signatures scenarios
- Mailing List or 3rd party distribution scenarios
and we spent a lot of time wondering how to resolve the latter when in
fact, we all know there is going to be, a somewhat Natural expectation,
of HIGH potential invalid signatures due to mail integrity issues.
We all know the exclusive will work in its direct emailing capacity, and
by some, maybe too good or too strong in that it can break "certain
kinds" of 3rd party distributions. But to me, that to me a desired
feature and not a show stopper.
What is the show stopper is seeing a vast 3rd party DKIM distribution
where the majority of the signings are invalid. So it will always be
interesting to see how we can best address it.
> I therefore suggest that the working group politely decline to pursue
> this scenario.
Unless there is a solid solution to this, I agree with you that it
probably isn't worth pursuing.
OTOH, I still think SSP is the required and "easy" technology to answer
many of the DKIM signature "Domain Mail Expectation" questions and I
think SSP is related and also covers this "link signature" concept.
More information about the ietf-dkim