The requirement that I believe that the delegation discussion highlights is the
need for controlled delegation.
I.E I delegate to Fred the ability to sign on behalf of
marketing(_at_)example(_dot_)com but not ceo(_at_)example(_dot_)com(_dot_)
The delegation example is relevant because it is only the policy mechanism that
creates the need to count a signature by Fred as a domain signature for
example.com.
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hector Santos
Sent: Tuesday, August 29, 2006 11:40 AM
To: IETF-DKIM
Subject: [ietf-dkim] Itemized Summary of SSP Requirements-00
This might help folks who don't have the time to read the
draft details and also serve a quick summary difference when
requirements-01 is completed.
Maybe it can also correct any misunderstanding, including my own.
5.1. Discovery Requirements
5.1.1 [_] MUST use DNS RR TXT for Policy record.
5.1.2 [_] MUST converge in a deterministic number of exchanges.
5.1.3 [_] MUST fit in 512 octets
5.2. Transport requirements
5.2.1 [_] Widespread deployment of the transport layer
5.2.2 [_] A low-cost query/response
5.2.3 [_] Caching and TTL
5.2.4 [_] Server Redundancy
5.3. Practice and Expectation Requirements
5.3.1 [_] MUST use 2822.From domain only.
5.3.2 [_] MUST allow "No Mail Policy"
5.3.3 [_] MUST allow "DKIM Signing Complete"
5.3.4 [_] MUST allow "1st party signature expected"
5.3.5 [_] MUST allow "Known 3rd party signature"
5.3.6 [_] MUST NOT mandate receiver handling of mail.
5.3.7 [_] MUST allow "Null Practice" ("May Sign Mail?")
5.3.8 [_] NOT Required to have a "Blacklist of signing domains"
5.3.9 [_] NOT required for valid 1st party signatures 5.3.10
[_] MUST allow for list of acceptable hashing methods
5.4. Extensibility and Forward Compatibility Requirements
5.4.1 [_] MUST NOT be used for other technology.
5.4.2 [_] MUST ALLOW for new policies
5.4.3 [_] MUST ALLOW for new protocols signed by DKIM
5.4.4 [_] MUST ALLOW for protocols other than DKIM
6. Security Requirements
6.1 [_] Minimize DoS potential
6.2 [_] Amplification Attacks
6.3 [_] Authenticity
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html