ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Attempted summary, SSP again

2006-01-27 09:05:07
Hector Santos wrote:

----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>

For the EXCLUSIVE policy?  Following SSP, it would be a
REJECT because the policy says no 3PS should exist.

That's not what it says. It says:

     "!  All mail from the entity is signed; Third-Party
         signatures SHOULD NOT be accepted"

In the context, it means that it requires a first party signature.
It should probably be more explicit on this point.


In the context of the Levine's question,

   Levine:
   "if a message has both a signature from the From: domain
    and one from someone else, does that pass?  Why or why not?"

Following your SSP draft description as posted above, this would be an
unaccepted condition.

What is the difference?

The second clause is only trying to make explicit that a third
party signatures is not an acceptible substitute for a first
party signature from that domain. Which it isn't. You're making
a leap that it should also cast a shadow on the first party
signature. The text definitely does not say that, and it was
not the intent since we were purposefully dancing around the
multiple signature question.

If it has a valid first party signature, it passes. If it doesn't,
it doesn't.

                Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org