[ietf-dkim] ADSP Informative Note on parent domain signing
fenton at cisco.com
Tue Apr 7 14:36:08 PDT 2009
Douglas Otis wrote:
> On Apr 6, 2009, at 4:36 PM, Jim Fenton wrote:
>> There remains some disagreement on whether the "informative note"
>> contained in the last paragraph of the text I proposed on March 27
>> should appear in the ADSP draft. The note said:
>>> Informative Note: ADSP is incompatible with DKIM signing by parent
>>> domains described in section 3.8 of [RFC4871] in which a signer uses
>>> "i=" to assert that a parent domain is signing for a subdomain.
>> This would replace the Note in draft-ietf-dkim-ssp-09, section 2.7.
> ### This note is not correct. The incompatibility is not dependent
> upon the i= value, which might be omitted.
> Informative Note: ADSP is incompatible with DKIM signing by parent
> domains described in section 3.8 of [RFC4871] when a parent domain
> signs for a sub-domain within an email-address. ADSP requires the
> From email-address domain (Author Domain) and the signing domain
> (SDID) to be the same.
But what section 2.7 talks about has to do with the use of the i=
value. Without the i= value, Parent Domain Signing (as defined there)
Have a look at the alternate wording I proposed in response to Ellen's
message and let me know what you think of that.
More information about the ietf-dkim