----- Original Message -----
From: "Scott Kitterman" <ietf-dkim(_at_)kitterman(_dot_)com>
If I'm standing at a kiosk, how do I have any control over how
a message sent through that kiosk gets signed? I don't think I do.
I see several things:
If you going to use an email address via this kiosk, you should make sure
your SSP record says
"optional signing by my domain." or
"3rd party signatures allowed (with no list)"
You are using a "neutral device", therefore you really should not be using
restrictive policies.
On the flipside, if I had a restrictive policy, I would not want someone
using my email address from a Kiosk machine in an open-ended manner. At the
very least I am taking an proactive measure to help protect my domain from
possible external abuse.
Also, assuming the kiosk vendor is ambitious and adds DKIM-SSP v1.0 software
support, it would do the following:
1) Add support to check for restrictive policies that an user may use. If
the address is found restrictive, i.e. the kiosk is not able to sign on the
user's domain behalf, then it will immediate popup a message:
Sorry, this email address is DKIM protected.
Use another email address.
2) It will add a checkbox to the header input form:
From: ____________________
To: ____________________
Subject: ____________________
[_] Sign message using Mr. Kiosk DKIM Service (*)
* Adds $1.99 surcharge.
SSP is the Bomb!!! <g>
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html