[ietf-dkim] RE: I think we can punt the hard stuff as out of scope.
fenton at cisco.com
Fri Jun 8 21:55:18 PDT 2007
It's somewhat of a political issue: I don't favor a NOMAIL policy
because I don't feel that the DKIM WG has the authority to create a
policy framework describing the overall use of email, just the use of DKIM.
What a non-mailing domain can do that is almost equivalent and within
scope is to express a policy that they sign everything, and an
expectation that receivers should receive signed mail from the domain,
and then publish no public keys (selectors). If the verifier can't
retrieve the public key, then the signature can't possibly be good and
there's no use verifying it. The only extra overhead compared with a
NOMAIL policy is that with NOMAIL it isn't necessary to retrieve the
public key. But many verifiers will only do SSP if there's no valid
originator signature, so they won't know of the NOMAIL policy yet anyway.
So I think this could be accomplished in a different manner.
Patrick Peterson wrote:
> I read the posts as best I could and found some ambiguity.
> I strongly believe nomail is important so I may be biased but it did not
> appear to be cut and dry. In fact, some of the "No nomail" votes said
> the objective could be accomplished in a different manner.
> Since I didn't vote I do not feel I can raise the issue again. But it is
> clear to me that summarily striking down any discussion of this item as
> out of scope is not appropriate. Putting it in a box or deferring it may
> be. But I would ask everyone to listen to the justification for nomail
> regardless of when/if it is addressed. Many of our assumptions change as
> design continues and input is received.
> Would it help the discussion if large deployers of DKIM expressed their
> opinions on nomail? (Again, they could express their opinions and this
> item could still be held for later.)
>> -----Original Message-----
>> From: ietf-dkim-bounces at mipassoc.org
>> [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Stephen Farrell
>> Sent: Wednesday, June 06, 2007 6:46 AM
>> To: Stephen Farrell
>> Cc: ietf-dkim at mipassoc.org
>> Subject: Re: [ietf-dkim] RE: I think we can punt the hard
>> stuff as out of scope.
>> Stephen Farrell wrote:
>>> Tomorrow I'll dig through the archive and find the reference
>>> for where we agreed that the "nomail" requirement text that was
>>> previously in the ssp-reqs draft would be excised.
>>> If someone in an earlier TZ wants to do that in the meantime,
>>> you'll have my thanks,
>> No volunteers eh;-)
>> So I went back in time and found:
>> Issue 1365 included a mention that we could/should
>> delete the "never send mail" item.
>> That was raised by Eric on the list in February and
>> discussed at length.
>> Following that discussion I started a strawpoll that
>> resulted in a 2:1 ratio in favour of deprecating the
>> feature in SSP.
>> That's all nice and clear so "nomail" is out of scope, as
>> the WG agreed, even if not overwhelmingly. It seems like
>> all of the people who wanted to keep the feature then still
>> do, and I've not noticed anyone changing their mind. So,
>> there's no reason to reopen this that I can see.
>> So let's be grown-ups and move on,
>>  https://rt.psg.com/Ticket/Display.html?id=1365
>>  http://mipassoc.org/pipermail/ietf-dkim/2007q1/007139.html
>>  http://mipassoc.org/pipermail/ietf-dkim/2007q1/007185.html
>>  http://mipassoc.org/pipermail/ietf-dkim/2007q1/007254.html
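
The approach described in the reply at the top of this message (a sign-everything policy with no published selectors, compared with an explicit NOMAIL policy) can be traced through a toy verifier. This is an added example, not part of the original message or of any DKIM implementation; the in-memory zone, the policy values, the result names and the `crypto_ok` flag are assumptions made for illustration.

```python
# Constructed stand-in for DNS: a non-mailing domain that declares "all mail
# is signed" but publishes no selectors, and an ordinary signing domain.
ZONE = {
    "nomail.example": {"policy": "all", "selectors": {}},
    "mailer.example": {"policy": "all",
                       "selectors": {"s1": "PUBLIC-KEY-PLACEHOLDER"}},
}

def fetch_key(domain, selector, lookups):
    # DKIM key records live at <selector>._domainkey.<domain>.
    lookups.append(f"{selector}._domainkey.{domain}")
    return ZONE.get(domain, {}).get("selectors", {}).get(selector)

def fetch_policy(domain, lookups):
    # Hypothetical policy query; the real SSP record name is not modelled.
    lookups.append(f"policy:{domain}")
    return ZONE.get(domain, {}).get("policy", "unknown")

def evaluate(from_domain, signature=None, crypto_ok=False):
    """Return (result, lookups) for one message.

    signature is a (d, s) pair taken from the DKIM-Signature header, or None.
    crypto_ok stands in for the actual signature check, which this example
    does not perform.
    """
    lookups = []
    if signature is not None:
        d, s = signature
        key = fetch_key(d, s, lookups)
        # Without a retrievable key no signature can verify, whatever it claims.
        if key is not None and crypto_ok and d == from_domain:
            return "pass", lookups
    # The policy is consulted only when there is no valid originator signature.
    policy = fetch_policy(from_domain, lookups)
    return ("suspicious" if policy == "all" else "neutral"), lookups

if __name__ == "__main__":
    cases = [
        ("nomail.example", None, False),                          # unsigned
        ("nomail.example", ("nomail.example", "forged"), True),   # forged sig
        ("mailer.example", ("mailer.example", "s1"), True),       # legitimate
    ]
    for dom, sig, ok in cases:
        print(dom, sig, evaluate(dom, sig, ok))
```

For the forged-signature case the verifier performs the key lookup before it ever reaches the policy, which is the one extra query the reply identifies as the overhead relative to NOMAIL.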