Dave Crocker wrote:
In fact the main reason that I question the need to have most/any of SSP --in
the *first* round of standardization -- is that there is quite a bit of utility
in exactly the scenario you describe: A message arrives with a signature.
*ANY* signature. There is quite a bit of useful information derived from
validating that signature, or having the signature fail validation.
I guess I'm having trouble understanding what this utility would be.
Perhaps if you could explain what you believe can be done with this
signature and this signature alone, I might understand better.
So far, IIRC, it seems that there are some who feel this is valuable as
a basis for accrual of reputation enabling reputation systems to be name
based instead of IP based. Is there some other utility you have in mind?
I certainly agree that a signature alone provides additional
information, the question in my mind is what can you do with it?
Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org