ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] Attempted summary, SSP again

2006-01-27 09:18:25
from [Bill.Oxley] [Permanent Link] 
" If it has a valid first party signature, it passes. If it doesn't,
it doesn't." If the value of the valid signature states that 3rd party
signers are not admissible it does impugn the validated first party
signature. So should the first party remove 3rd party signatures? Or
should the text read


     "!  All mail from the entity is signed; Third-Party
         signatures SHOULD NOT be accepted in lieu of an entity

signature

Bill Oxley 
Messaging Engineer 
Cox Communications, Inc. 
Alpharetta GA 
404-847-6397 
bill(_dot_)oxley(_at_)cox(_dot_)com 


-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Thomas
Sent: Friday, January 27, 2006 10:52 AM
To: Hector Santos
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Attempted summary, SSP again

Hector Santos wrote:


----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>


For the EXCLUSIVE policy?  Following SSP, it would be a
REJECT because the policy says no 3PS should exist.


That's not what it says. It says:

     "!  All mail from the entity is signed; Third-Party
         signatures SHOULD NOT be accepted"

In the context, it means that it requires a first party signature.
It should probably be more explicit on this point.



In the context of the Levine's question,

   Levine:
   "if a message has both a signature from the From: domain
    and one from someone else, does that pass?  Why or why not?"

Following your SSP draft description as posted above, this would be an
unaccepted condition.

What is the difference?


The second clause is only trying to make explicit that a third
party signatures is not an acceptible substitute for a first
party signature from that domain. Which it isn't. You're making
a leap that it should also cast a shadow on the first party
signature. The text definitely does not say that, and it was
not the intent since we were purposefully dancing around the
multiple signature question.

If it has a valid first party signature, it passes. If it doesn't,
it doesn't.

                Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org

_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Attempted summary, SSP again, Hector Santos
Next by Date:  Re: [ietf-dkim] Attempted summary, SSP again, Hector Santos
Previous by Thread:  Re: [ietf-dkim] Attempted summary, SSP again, Hector Santos
Next by Thread:  Re: [ietf-dkim] Attempted summary, SSP again, Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]