On 8/24/06, Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:
> What do we do when there is no signature and no d= domain to
> work with?
> This is sort of hazy in my mind.
That's an orthogonal question to your first assertion, and is the very
SSP attempts to answer. My only point here is that dkim-base does give you
control over who signs in your domain's name. That's an already solved
that needn't be revisited by SSP.
I don't subscribe to the Word of the Day but orthogonal is indeed what
the question was.
I completely understand that I have control over whom may sign for
me. The issue I have is the granularity and selectivity's of the
policy. See my earlier example. This is exactly (minus the fake domain
names) what I am doing right now on a very large scale. So it is a
very "real world" example.
NOTE WELL: This list operates according to