[ietf-dkim] NEW ISSUE: SSP-02: Policy Scope
Wietse Venema
wietse at porcupine.org
Wed Feb 13 14:00:00 PST 2008
Wietse Venema:
> Douglas Otis:
> > The current assumption used when asserting DKIM policy is that this
> > policy might apply across _all_ protocols used to carry messages that
> > might contain DKIM signatures. Either DKIM policy records need to
> > declare the scope of the protocols covered by the policy, or the label
> > used to discover a policy should employ different labels.
> >
> > Add:
> >
> > Policy assertions for _SSP records are limited to messages exchanged
> > by SMTP. When other protocols are used to receive messages, the
> > appropriate policy should be applied upon receipt, and/or the protocol
> > should be tracked within the message. One method for such tracking
> > could be implemented using Authenticated-Results headers.
>
> Excuse my ignorance, but why limit DKIM (or SSP) to information
> that is delivered via SMTP? They can work with any transport that
> uses RFCx822 for content and that uses DNS for name resolution.
-1 for the updated proposal. Cosmetic surgery on a dead horse
won't bring it back to life.
Wietse
More information about the ietf-dkim
mailing list