Scott Kitterman wrote:
On 01/19/2006 15:50, Michael Thomas wrote:
Earl Hood wrote:
On January 19, 2006 at 03:10, "Hector Santos" wrote:
Sender-Signing Policy (SSP):
NONE (no policy)
o=? WEAK (signature optional, no third party)
o=~ NEUTRAL (signature optional, 3rd party allowed)
o=- STRONG (signature required, 3rd party allowed)
o=! EXCLUSIVE (signature required, no 3rd party)
o=. NEVER (no mail expected)
o=^ USER
...
Wouldn't be easier of the signer can assert a role so such checks
are not necessary by a list server?
No. SSP is not for signed mail, it's for unsigned mail.
If it's a third party signature you still need to check SSP for EXCLUSIVE
policy.
That doesn't alter what I said. You fundamentally cannot get out of
making checks if you're missing a (first party) signature. That's
SSP's purpose in life.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org