[ietf-dkim] SSP vs. reputation (was: ISSUE 1521 -- Limit the
application of SSP to unsigned messages)
chl at clerew.man.ac.uk
Fri Jan 25 07:26:02 PST 2008
On Fri, 25 Jan 2008 09:36:49 -0000, Frank Ellermann
<nobody at xyzzy.claranet.de> wrote:
> Hector Santos wrote:
> On my dead box I have a few old mails From: you. Under mail
> rules since RFC 822 I am entitled to resend them to say Eric,
> maybe in a discussion about the merits of SMTP HEAD vs. SREJ.
> That you (as domain owner) can suddenly try to decree that I
> cannot resend your old unsigned mail to Eric is preposterous
> and a design issue in SSP.
Actually, it is a design issue in DKIM. If Hector wants to prevent you
resending his messages to Eric, all he has to do is to include the
relevant "Resent-*" headers within the scope of his signature (which
amounts to a declaration that there are none). So if you then resend them
to Eric, Eric will find that Hector's signature no longer works (and, of
course, Hector's SSP=strict :-( ).
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
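
The mechanism described in this message, as an added example that is not part of the original post: the DKIM specification (RFC 4871, later RFC 6376) treats a field name listed in h= but absent from the message as the null string, so adding that field afterwards changes the signed input. The sketch is simplified (a SHA-256 digest stands in for the RSA signature, and the DKIM-Signature field itself is left out of the hash input); all addresses and header values are constructed.

```python
import hashlib

def relaxed(name, value):
    # "relaxed" header canonicalization: lower-case the name, collapse
    # whitespace runs in the value, no space around the colon.
    return name.lower().strip() + ":" + " ".join(value.split()) + "\r\n"

def header_hash(headers, signed_names):
    """Digest of the header fields selected by an h= list.

    headers: (name, value) pairs, top of message first.
    Each name in h= consumes the bottom-most unused instance of that field;
    a name with no remaining instance contributes the null string.
    """
    remaining = list(headers)
    data = ""
    for wanted in signed_names:
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == wanted.lower():
                data += relaxed(*remaining.pop(i))
                break
    return hashlib.sha256(data.encode()).hexdigest()

# Constructed sample message as the author sent it.
ORIGINAL = [
    ("From", "hector@example.org"),
    ("To", "frank@example.net"),
    ("Subject", "SMTP HEAD vs.  SREJ"),
    ("Date", "Fri, 25 Jan 2008 09:00:00 -0000"),
]
# The same message after a resend prepends Resent-* fields.
RESENT = [
    ("Resent-From", "frank@example.net"),
    ("Resent-To", "eric@example.com"),
] + ORIGINAL

PLAIN_H = ["from", "to", "subject", "date"]
# Listing the absent Resent-* fields declares that there are none.
STRICT_H = PLAIN_H + ["resent-from", "resent-to"]

def survives_resend(h_list):
    """True if the signed header input is unchanged by the resend."""
    return header_hash(ORIGINAL, h_list) == header_hash(RESENT, h_list)

if __name__ == "__main__":
    print("h= without Resent-*:", survives_resend(PLAIN_H))
    print("h= with Resent-*:   ", survives_resend(STRICT_H))
```

A verifier handling the resent copy sees a broken signature only in the second case, which is why the choice of h= list, rather than the policy record alone, decides whether resending remains possible.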