[ietf-dkim] Another take on "all email from us is dkim signed"
MH Michael Hammer (5304)
MHammer at ag.com
Wed Mar 11 13:30:32 PDT 2009
> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-
> bounces at mipassoc.org] On Behalf Of Michael Thomas
> Sent: Wednesday, March 11, 2009 4:26 PM
> To: Steve Atkins
> Cc: ietf-dkim WG
> Subject: Re: [ietf-dkim] Another take on "all email from us is dkim
> signed"
>
> Steve Atkins wrote:
> > If there were another field in the DKIM-Signature header, or an
> > entirely separate email header covered by the DKIM signature, that
> > stated "all email sent using this domain in the From field will be
> > DKIM signed" then any receiving MTA or MTA cluster could keep track
of
> > that state (probably using their existing reputation tracking system
> > in the case of large receivers, and using a fairly trivial extension
> > to their DKIM plugins in the case of smaller ones).
>
> If nothing else, this would make revocation sort of... bizarre
> and unpredictable. The implication is that I'd have to send $you
> mail (for $you == 'universe') to get you to nuke my record in your
> database. Of course every good protocol becomes a control protocol
> for others, but still this seems a little whacked even by that
> standard :)
>
> Mike
Well, I suppose we could always include a TTL in the tag <G>.
Mike
More information about the ietf-dkim
mailing list