[ietf-dkim] Accidental versus malicous error
Hector Santos
hsantos at santronics.com
Thu Dec 20 17:30:41 PST 2007
Douglas Otis wrote:
> Only that you want resources wasted on invalid DKIM signatures?
Who said that? I would appreciate you stop making up stuff and blurting
it out as if that is what I said.
> TPA-SSP was to permit a safe and reasonable means to "authorize" other
> domains.
We are not talking about TPA here.
>> [X] Promote Bad Signatures to No Signatures (default)
>> [X] For ALL and STRICT policies only.
>
> You mean demote bad signatures.
No. I said promote. BAD to NONE is a promotion. Not a demotion.
Please stop twisting what I said.
Under the default SSP policy (UNKNOWN or OPTIONAL signing), a bad
signature promotion to NONE will validate the message as it never
occurred. The same will occur when a domain has a ALL|STRICT policy but
the verifier does not support SSP. Of course, opinion may vary, to me,
I stand by the idea that is not a demotion of state, but rather a
promotion.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
More information about the ietf-dkim
mailing list