Scott Kitterman wrote:
On Thursday 17 August 2006 11:44, Bill(_dot_)Oxley(_at_)cox(_dot_)com wrote:
Big gaping hole, I may assume that isp.com can determine the
author/originator but how to differentiate or not sign a spoof?
It gets back to is the signer controlled or uncontrolled. Only a controlled
signer is suitable for SSP delegation (this would be a contractual matter
between the ISP and their customers).
If that's really the case, I'm not sure why this idea has any merit at
all because
we already have the means to do controlled delegation using NS records, and
it doesn't tickle any of these problems.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html