[ietf-dkim] [psg.com #1571] [Comment] Examples in SSP-03
rt+dkim at rt.psg.com
Tue Jul 29 02:17:42 PDT 2008
This is a comment. It is not sent to the Requestor(s):
From: Siegel, Ellen
Sent: Thursday, July 10, 2008 10:53 AM
Subject: Issue: clarifications needed for usage examples (Appendix A)
I know we're trying to avoid new issues, but I think we need some
clarifications/extensions to the usage examples in Appendix A.
1) In A.1, make the list of "other paths" more complete. In particular,
add participation in mailing lists, and sending mail from external email
"...Such paths could include MTAs at hotels or hotspot networks used by
traveling users, web sites that provide "mail an article" features, user
participation in mailing lists, or use of 3rd party mail clients that
support multiple user identities."
2) Add an example for dkim=unknown (or no record). All of the existing
examples are for the use of "all" or "discardable". We need a clear
example of where this is not a good idea, where a domain should publish
"unknown" (or not publish at all).
Add new section:
A.6 Domains with Independent Users and Liberal Use Policies
When a domain has independent users and its usage policy does not
explicitly restrict them to sending mail only from designated in-house
mail servers (e.g. many ISP domains and even some corporate domains),
then it is only appropriate to publish an ADSP record containing
"unknown". Publishing either "all" or "discardable" will likely result
in significant breakage because independent users are likely to send
mail from the external paths enumerated in section A.1.
3) Clarify the use of the term "forgery" in section A.3. It is
misleading to represent lack of an Author Signature as a "forgery"
without the clarification that this is true only in the case where there
is a reasonable expectation that usage of that domain name is
appropriately controlled. This is implicit from the position of the
statement within this particular section, but could easily be misread.
Modify the sentence about forgeries to read:
"In the case of domains with tightly controlled outgoing mail, this
latter kind of mail is sometimes loosely called "forgeries")."
esiegel at constantcontact.com
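
An added illustration of the point made for the proposed A.6, not part of the original message or of the draft: it applies each ADSP practice to legitimate mail arriving over the A.1 paths. The function names, the simplified record parsing, the result labels and the assumption that mail sent over external paths arrives without a valid Author Signature are all hypothetical.

```python
# Added example (hypothetical names; simplified parsing; constructed sample data).
VALID = ("unknown", "all", "discardable")

def parse_adsp(txt):
    """Return the dkim= practice from an ADSP record string.

    No record (None), a missing dkim tag, or an unrecognized value is
    treated as "unknown" here.
    """
    if txt is None:
        return "unknown"
    for part in txt.split(";"):
        name, sep, value = part.partition("=")
        if sep and name.strip() == "dkim":
            value = value.strip().lower()
            return value if value in VALID else "unknown"
    return "unknown"

def assess(practice, has_author_signature):
    """What the published practice tells a receiver about one message."""
    if has_author_signature or practice == "unknown":
        return "no-objection"
    return "suspicious" if practice == "all" else "discard"

# Constructed sample: legitimate mail from one independent user, by path.
# Assumption: only the in-house server signs with the author domain's key.
PATHS = [
    ("in-house mail server", True),
    ("hotel or hotspot MTA", False),
    ('"mail an article" web site', False),
    ("mailing list", False),
]

def breakage(txt):
    """List the legitimate paths whose mail the practice would penalize."""
    practice = parse_adsp(txt)
    results = [(path, assess(practice, signed)) for path, signed in PATHS]
    return [(path, verdict) for path, verdict in results if verdict != "no-objection"]

if __name__ == "__main__":
    for record in (None, "dkim=unknown", "dkim=all", "dkim=discardable"):
        print(repr(record), "->", breakage(record))
```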