[ietf-dkim] Tracing SSP's paradigm change
Dave Crocker
dhc at dcrocker.net
Wed Dec 5 19:08:17 PST 2007
Arvel Hathcock wrote:
> > Well, I reviewed the archives for the period during which i= was added
> > and could not find discussion of it. So I'm glad to hear you've done
> > a more thorough review. This means that you can point me to the
> > archives of the working group consideration of the issue?
>
> I wouldn't waste any more time chasing this. Even if no such archive
> exists, what is that but evidence that this issue is idiosyncratic or
> has been deemed utterly unremarkable?
A lack of working group discussion is evidence of a lack of working group
awareness and most certainly a lack of explicit working group consensus.

The use of SSP for signed messages creates a series of functional interactions
that SSP's use on unsigned messages does not.

For a security protocol to skip analysis of interaction effects -- heck, for
any protocol function to do this -- seems a tad unusual, particularly when it
seeks to modify an existing critical infrastructure service.
> The notion that "DKIM-Base is for signed mail while DKIM-SSP is for
> unsigned (only)" has never been thinking in accord with any draft of SSP
> which I remember reading or implementing. And it's clearly out of step
> with where we are today.
Note that <http://www.imc.org/ietf-mailsig/mail-archive/msg02252.html> refers
to unsigned messages and not signed messages that do not match the From field.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net