Hector Santos wrote:
----- Original Message -----
From: "John R Levine" <johnl(_at_)iecc(_dot_)com>
Subject: Re: [ietf-dkim] Attempted summary, SSP again
I'm increasingly getting the impression that we don't
really understand the semantics of SSP.
Here is the current proposed policies: ...
o=! EXCLUSIVE (signature required, no 3rd party)
Well, OK. if a message has both a signature from the From: domain and
one from someone else, does that pass? Why or why not?
For the EXCLUSIVE policy? Following SSP, it would be a REJECT because
the policy says no 3PS should exist. If it does, then it should be
given the evil eye.
That's not what it says. It says:
"! All mail from the entity is signed; Third-Party signatures
SHOULD NOT be accepted"
In the context, it means that it requires a first party signature.
It should probably be more explicit on this point.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org