[ietf-dkim] Proposed changes to MLM draft
Rolf E. Sonneveld
R.E.Sonneveld at sonnection.nl
Mon Aug 30 13:50:58 PDT 2010
On 08/30/2010 10:13 PM, Dave CROCKER wrote:
> On 8/30/2010 1:10 PM, Rolf E. Sonneveld wrote:
>>> I'd suggest that the second item actually be a normative
>>> specification of
>>> value-added features. This requires a change to the charter, and so
>>> it would
>>> have to wait until completing the current charter.
>> can you elaborate on what, in your view, would be part of this normative
> merely as an example, I'll cite the usage of DKIM for subscription and
> submission validation that has been mentioned a few times. Formally,
> using DKIM that way is almost certainly a value-added semantic that
> goes beyond the semantics of the DKIM signing specification. That's
> ok to do, but requires a normative spec to define the behavior and
Can we say anything normative about subscriptions and submissions when
the From address (even if DKIM signed- and verified OK) does not
necessarily say anything about the identity of the sender?
Or, vice versa, can we put more trust/faith in the From address if the
domain in the From address is equal to the d= domain value?
I assume you mean with subscription and submission validation, the act
of permitting/denying someone/some address to subscribe or to submit
mail? If so, that's an action in the category 'authorization' and
authorization requires authentication as foundation.
Please note: I'm not trying to kick off a complete new discussion, but
these are real questions that keep me busy. I'd love if the answer to
the second question would be: "Yes, IF domain part of From address
equals d= domain value, THEN we can use the From address as
authentication information", but I believe all discussions on this list
have not provided a clear "yes" answer to this question.
+1 for taking these items out of the MLM draft and create a separate
document for them, although I'm not sure it can be normative or just
P.S. Dave, is it possible to disable greylisting for mipassoc.org or at
least for contributions to this list? Now we get sometimes a-synchronous
contributions where the answer precedes the question. (And yes, I hate
More information about the ietf-dkim