> This behavior raises a security problem since such
> senders will go with policies that lean towards
> delivery versus potential security threats.

If I'm understanding you rightly, you are arguing against the o=~ or
"relaxed" policy provisions in SSP, right? I don't view the use of those
policies as a security problem. Rather, they are the exercise of deliberate
choice on the part of the sender. You said yourself "a primary concern of
mail senders is to make sure the mail send out gets delivered" and similarly
in another place "senders tend to lean towards delivery at all costs,
despite the risks." Is your position that we should deny senders these
rights? Remember, it is the more relaxed policy options which you argue
against that provide for the exercise of these "primary concerns" while
still allowing a signer to assert responsibility. It is not a security
problem for DKIM when it asserts "signatures from me cannot always be
expected". Use of o=- or o=~ is a matter for DKIM signers to decide; it is
not a matter for the specification documents to decide. This is my view on
this topic.
--
Arvel
_______________________________________________
ietf-dkim mailing list
http://dkim.org