Hallam-Baker, Phillip wrote:

In saying that, do you think that your #2 policy set includes describing
an authorized set of relationships between use of their domain in
certain header fields (e.g. From:) and the signing domain?

You are describing a mechanism and explaining what it may accomplish
in the narrow terms of the mechanism. This unfortunately has
to do with claims made within the charter regarding header

Lead-in problem statement:

| Forgery of headers that indicate message origin is a problem for
| Internet mail.

OK I think we are in agreement here. I think that the charter should be
written in terms of

1) Providing a mechanism whereby an Internet domain name owner can claim
responsibility for an email message

2) Providing a mechanism to allow notification of an Internet domain name
owner's policy for claiming accountability

3) Providing an authentication platform on which TTP providers of
accreditation and/or reputation information can build products that are
tied to a domain name rather than an IP address.

Forgery then falls out of the goals section of the charter; it is simply
an attack that might be attempted.

Also, does DKIM provide an authentication platform or an authorization
ietf-dkim mailing list