What do others think of this characterisation of the service dkim is
providing?
I agree that this is what DKIM-base does. DKIM-ssp goes further in that it
adds a mechanism for a domain owner to communicate to DKIM verifiers whether
and to what degree signatures should be expected. So, if you don't include
SSP as part of "the service DKIM provides" then Neds words are sufficient.
If you want to include SSP as part of that service then something like this
might be in order:
The services DKIM provides are (a) the ability to assert responsibility for
an email message in transit by means of a digital signature and (b) a
mechanism through which a domain owner can communicate whether and to what
degree signatures should be expected in messages which advertise his domain
name in particular identity headers.
Technically, that is what DKIM does so long as SSP remains part of this
process.
--
Arvel
_______________________________________________
ietf-dkim mailing list
http://dkim.org