[ietf-dkim] What is your view on these three SSP topics?
Stephen Farrell
stephen.farrell at cs.tcd.ie
Tue Jan 22 09:08:45 PST 2008
Dave Crocker wrote:
>
>
> Stephen Farrell wrote:
>>> There's a fair bit of mail out there that doesn't fit this scenario,
>>> i.e. which is signed by an entity other than those in the designated
>>> headers.
>>
>> If there are data available demonstrating this, that would be good to
>> see.
>
> Stephen, that requirement needs to work both ways.
Just to clarify. I wasn't trying to impose any requirement. If
such data exist and can be made available that may well help us
to make decisions. If it doesn't exist, is hard to gather or
commercially sensitive or whatever, then we'll have to live with
that and do our best.
> It is, for example, why I noted that SSP needs a real and separate
> threat analysis, and statement about the scenarios it applies to and >
> those it does not.
Sure. Those are fine, but different, things.
S.
More information about the ietf-dkim
mailing list