[ietf-dkim] A perspective on what SSP is attempting
Dave Crocker
dhc at dcrocker.net
Sun Dec 9 08:42:41 PST 2007
Michael Thomas wrote:
>> Of course, SSP also includes guidance on unsigned messages.
> That and "organization" gives a lot more legitimacy to the kind of third
> parties that SSP is trying stop. But this whole formulation is problematic
> though. Better is:
>
> SSP is an organization's attempt to *inform* receivers what its practices
> are so that receivers can make better disposition decisions about mail
> purporting, but without DKIM substantiation, to have originated from that
> organization.
Orwell is getting a lot of discussion, these days. As well he should. The
tendency to deny or re-cast the meaning of simple, basic words has become common.
I will therefore suggest careful consideration that:
> handling= Non-compliant message handling request for the domain
> (plain-text; OPTIONAL). Possible values are as follows:
>
> process Messages which are Suspicious from this domain SHOULD be
> processed by the verifier, although the SSP failure MAY be
> considered in subsequent evaluation of the message. This is
> the default value.
>
> deny Messages which are Suspicious from this domain MAY be
> rejected, bounced, or otherwise not delivered at the option of
> the verifier.
is nothing so passive as "informing" receivers about a potential signer's
practices.
Language like "message handling request" is requesting a specific behavior by
the receiver.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the ietf-dkim
mailing list