Dave Crocker:
offlist
This was on-list, thus my reply on-list...
Wietse Venema wrote:
If a signature uses a domain related to the author's domain, then we
have
no SSP issue. The author's domain is used for assessment. No SSP query
need be
made.
[Plus a straightforward DNS-based delegation mechanism so that the
author's ISP can use a UNIQUE signing domain that relates directly
to the author's domain]
hence the examble's using isp.author.com, yes?
I like this. This is very close to what I want: signed mail that
speaks for itself, whether it's first-party or third-party signed.
No batteries required.
and just to make sure *I* understand what you mean: mail signed by the
author,
or mail signed by an operator?
Whether the signing domain is the author's domain (1) or whether
the signing domain is an unrelated domain (2)
(1) Secret key with the author, or delegated to author's ISP.
(2) A mailing list operator, an operator that stamps mail as
"no known virus present", or some other transit service.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html