[ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP to
unsigned messages
Arvel Hathcock
arvel.hathcock at altn.com
Thu Jan 24 11:50:44 PST 2008
>> I would take this further: remove all text that says when to apply
>> SSP. Instead, provide text that states the contribution that SSP
>> can make under different conditions: mail with valid first-party
>> signature, mail with valid third-party signature, and mail without
>> valid signature.
>>
>
> I mostly agree with Wietse's proposal. Yes, I'm aware that diverges
> sharply from the current draft.
I could get behind Wietse's proposal also if it hadn't started with "I
would take this further." I'm concerned with the "this" he refers to
which encourages avoiding SSP completely in the presence of a verifiable
signature from just anybody whom-so-ever. I view that notion as
completely defeating SSP.
Arvel
More information about the ietf-dkim
mailing list