----- Original Message -----
From: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
Anyway I guess this is just another argument to require support for
inclusion of some kind of allowed-signer list in SSP statements, and
maybe also for a requirement that the SSP statements should be able
to be "sourced" independently of key records. I guess the WG should
consider both requirements and adopt 'em or drop 'em, so including
them for now is probably right.
+1 for both - signer list, independent records.
Incidentally, the DSAP proposal currently considers an "allow list" tag
4.3. DSAP Tag; 3pl=<dom-list>;
The 3pl= is an optional tag that defines a list of 3rd party domains
who are allowed to DKIM sign the message as a 3rd party signer. This
tag is ignored unless 3rd party signing policy is expected or
optional (3p=always or 3p=optional).
<dom-list> is a comma delimited list of domain names.
One initial and obvious design consideration is length limit related. One
reviewer did suggest some 'include' concept or protocol to access large
Hector Santos, Santronics Software, Inc.
NOTE WELL: This list operates according to