----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>
To: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
Stephen Farrell wrote:
So if, during the threat analysis, we identify some such
constraints that make life easier/better when combined with
some ssp options then we could consider standardising them,
or did you mean that any such constraints should be just up
to the individual implementer/signer?
That's pretty much how I view it. It's like which headers you sign:
there are some that are pretty obvious, but other that aren't and
it doesn't affect interoperability to have different signers have
different opinions that I can see. I'm somewhat skeptical that we'd
get a single answer that could be codified at this point, and the
amount of effort to get there could frankly be used on more
important problems, IMO.
I agree.
The only difference is that I only see one dissenter and the suggestions and
unproven big-picture ideas proposed, included with bogus subject titles, are
drastically different than what the DKIM/SSP charter attempts to address.
The key questions is how SSP should be used, what impact it will have, under
which policies, and where (what/how software needs to change).
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
ietf-dkim mailing list
http://dkim.org