On 2005-07-26 19:58:13 -0700, domainkeys-feedbackbase02(_at_)yahoo(_dot_)com wrote:
If so, that's not something I could support as I don't want senders deciding that I have to initiate xkms fetches to achieve a base level of authenticated email. An optional augmentation beyond authentication sounds fine, but as a base level, no.
I may also decide that you have to implement OpenPGP/MIME and do PGP key server fetches and trust computations in order to achieve a basic level e-mail authentication for the messages I send -- just by not using DKIM, but actually using OpenPGP/MIME. Look at this message, for instance. The question here is really about what the semantics of unverifiable signatures are. -- Thomas Roessler, W3C <tlr(_at_)w3(_dot_)org>
pgppOYl1XQczZ.pgp
Description: PGP signature