On Sep 13, 2010, at 2:46 PM, Murray S. Kucherawy wrote:
-----Original Message-----
From: McDowell, Brett [mailto:bmcdowell(_at_)paypal-inc(_dot_)com]
Sent: Monday, September 13, 2010 11:13 AM
To: Murray S. Kucherawy
Cc: dkim-ops(_at_)mipassoc(_dot_)org
Subject: BCP for authorizing third-parties ([...] was subdomain vs.
cousin domain)
I'm surprised to see this level of misunderstanding on this mail list
between experts in this space. Is there already a BCP from IETF
regarding DKIM key management with/for 3rd-party senders? If not IETF,
anywhere else? If not, we probably should put one together.
The idea of a BCP presupposes enough experience with the material in practice
to have something to say about it. I don't think we're even half way there
on this topic, or on the topic of DKIM policy in general.
Limitations of the current email infrastructure coupled with myriad mail
rewriting and relaying practices, all with some level of sound technical
backing, make identifying the "B" in "BCP" a challenge.
I actually thought there was a fair degree of deployments where some ESP's
DKIM-sign mail on behalf of their clients, by means of key management much as
you outlined above. No?
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops