[ietf-dkim] ADSP Informative Note on parent domain signing
Jim Fenton
fenton at cisco.com
Tue Apr 7 14:36:08 PDT 2009
Douglas Otis wrote:
>
> On Apr 6, 2009, at 4:36 PM, Jim Fenton wrote:
>
>> There remains some disagreement on whether the "informative note"
>> contained in the last paragraph of the text I proposed on March 27
>> should appear in the ADSP draft. The note said:
>>
>>> Informative Note: ADSP is incompatible with DKIM signing by parent
>>> domains described in section 3.8 of [RFC4871] in which a signer uses
>>> "i=" to assert that a parent domain is signing for a subdomain.
>>
>> This would replace the Note in draft-ietf-dkim-ssp-09, section 2.7.
>
> ### This note is not correct. The incompatibility is not dependent
> upon the i= value, which might be omitted.
>
> Informative Note: ADSP is incompatible with DKIM signing by parent
> domains described in section 3.8 of [RFC4871] when a parent domain
> signs for a sub-domain within an email-address. ADSP requires the
> From email-address domain (Author Domain) and the signing domain
> (SDID) to be the same.
>
But what section 2.7 talks about has to do with the use of the i=
value. Without the i= value, Parent Domain Signing (as defined there)
doesn't exist.
Have a look at the alternate wording I proposed in response to Ellen's
message and let me know what you think of that.
-Jim
More information about the ietf-dkim
mailing list