I'm increasingly getting the impression that we don't
really understand the semantics of SSP.
Here is the current proposed policies: ...
o=! EXCLUSIVE (signature required, no 3rd party)
Well, OK. if a message has both a signature from the From: domain and
one from someone else, does that pass? Why or why not?
I'm not proposing we solve this here, just that we note that SSP is a can
of worms that we must carefully keep out of the path of the basic
signature work.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I shook hands with Senators Dole and Inouye," said Tom, disarmingly.
_______________________________________________
ietf-dkim mailing list
http://dkim.org