ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] draft-ietf-dkim-threats-00 Misstatement of the DKIM mechanism

2006-01-24 15:35:17

On Jan 24, 2006, at 2:14 PM, Stephen Farrell wrote:
Douglas Otis wrote:

This should read:
: DomainKeys Identified Mail (DKIM) [I-D.allman-dkim-base] defines a
: mechanism by which email messages can be cryptographically signed,
: permitting a signing domain to be held accountable for the message.
: When an email-address contained within the message is also within
: the signing domain, and noted within the 'i' parameter, the signing
: domain may also be held accountable for verifying the use of the
: email-address conforms to their policies.

I've a few issues with that suggested text:

- "contained within" is too much - foo(_at_)example(_dot_)com is "contained
within" this message but I guess that's not what you mean.

- I'm pretty sure we don't want to be talking about something
as concrete as the "'i' parameter" at this level since such
details are liable to change at inconvenient moments.

- The "may" in the last clause is also a bit ambiguous - do you
mean "can" or "might"?

(I also don't see how your comment connects the new and
old text but am happy to join the dots myself later:-)

Does this look better?

: DomainKeys Identified Mail (DKIM) [I-D.allman-dkim-base] defines a
: mechanism by which email messages can be cryptographically signed,
: permitting a signing domain to be held accountable for the message.
: When an email-address within a message header field is also within
: the signing domain, and specified by a signature parameter, the
: signing domain might also be held accountable for verifying that
: the use of the email-address conforms to their policies.

-Doug



_______________________________________________
ietf-dkim mailing list
http://dkim.org