----- Original Message -----
From: "Mark Delany" <MarkD+dkim(_at_)yahoo-inc(_dot_)com>
It obvious that there are two relatively strong viewpoints: one the
passive that Dave describes and one the active that, amongst others, I
describe.
...
Do we try and accommodate both? If so, how?
In my opinion, and I had asked the chair a week or so to consider this
approach:
I also proposed a straw vote on the fundamental question:
Do you believe there are security problems
directly or indirectly related to DKIM-BASE that are worth
solving or addressing using a Sender Signer Policy concept?
If we can't get this one clear, then you are right, there is essentially no
hope in solving this. If the censensus is such the answer is NO, then we
punt on SSP, WG is basically done.
If the answer is YES, then we need to itemized the security problems we need
to address related to DKIM-BASE signatures or lack thereof. Once this
secury list is established, then we can come up with policy declarations
that help address them.
But there is no need to do anything else of the consensus there is no
security problems with DKIM-BASE.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html