[ietf-dkim] A perspective on what SSP is attempting

Bill.Oxley at cox.com Bill.Oxley at cox.com
Mon Dec 10 07:25:25 PST 2007 

SSP consists of what the following statements mean
1. I sign all mail
2. I sign some mail
3. I sign no mail
4. I sign other domains mail
5. Other domains sign my mail

Number 3 has been declared out of scope.  4 and 5 appear problematic 1
and two are clearly defined and somewhat in agreement when it comes from
a single FROM: address with a single signature. 

In what circumstances is SSP to be used.
When a signature arrives broken and possibly, no signature=broken

What to do with broken signatures?
Receiver side policy determines that.

So that leaves multiple signatures, multiple FROM: and mixed SSP records
from a list posting.
No change, receiver side policy determines what to do.

Scores can be addeed and subtracted for each scenario, but SSP is not so
much a technology but a informational description of sender intent.



Bill Oxley
Messaging Engineer
Cox Communications
404-847-6397

-----Original Message-----
From: ietf-dkim-bounces at mipassoc.org
[mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Dave Crocker
Sent: Saturday, December 08, 2007 6:00 PM
To: Michael Thomas
Cc: dcrocker at bbiw.net; ietf-dkim at mipassoc.org
Subject: Re: [ietf-dkim] A perspective on what SSP is attempting

Mike,

Given the existence of thousands of messages in the archive, it won't be
much 
effort for you to point me to a thread of them.  The one thing I will
ask, 
however, is that it not merely be a reference to the issue, but rather a

thread in which the perspective is in fact, considered and incorporated
into 
the design process.

I ask for the pointer because I'm not aware of such consideration taking
place.

d/

Michael Thomas wrote:
> Dave Crocker wrote:
>> Sorry it was not clear that the issue has been that working group 
>> discussion has only been from the perspective you describe and rather

>> steadfastly 'left out' the one I described.
>>
>> Of course, any reasonable discussion would include both. But that 
>> first requires acknowledging the relevance of both.
> 
> We have acknowledged the relevance of both. This was discussed
> ad nauseum in the thousands of messages about third party vouching,
> added as provisional requirements, ID's written, and ultimately
rejected.
> I'm not sure how you could have missed that, but I know that my mind
> was numb for the experience.
> 
>       Mike
>>
>> d/


-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

More information about the ietf-dkim mailing list