[ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP to
unsigned messages
Jim Fenton
fenton at cisco.com
Thu Jan 24 11:55:43 PST 2008
Arvel Hathcock wrote:
>>> I would take this further: remove all text that says when to apply
>>> SSP. Instead, provide text that states the contribution that SSP
>>> can make under different conditions: mail with valid first-party
>>> signature, mail with valid third-party signature, and mail without
>>> valid signature.
>>>
>>
>> I mostly agree with Wietse's proposal. Yes, I'm aware that diverges
>> sharply from the current draft.
>
> I could get behind Wietse's proposal also if it hadn't started with "I
> would take this further." I'm concerned with the "this" he refers to
> which encourages avoiding SSP completely in the presence of a
> verifiable signature from just anybody whom-so-ever. I view that
> notion as completely defeating SSP.
That's exactly what I was hoping wasn't being proposed.
-Jim
More information about the ietf-dkim
mailing list