ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-dkim] Re: Attempted summary, SSP again

2006-01-27 10:11:07
from [Frank Ellermann] [Permanent Link] 
Hector Santos wrote:
 

"!  All mail from the entity is signed; Third-Party
    signatures SHOULD NOT be accepted in lieu of an
    entity signature



   Yes, that's what it's supposed to mean.

 

So in other words, for the EXCLUSIVE (o=!) policy.

 

    DO NOT ACCEPT IF AN OA SIGNATURE IS MISSING.
    DO NOT ACCEPT IF A 3RD PARTY SIGNATURE IS PRESENT.


Only the first DO NOT.  The second DO NOT is unnecessary and
potentially harmful.  What if the author is forced to send
via a route where a 3rd party routinely adds its signature
without caring about SSP ?  

What if the receiver forwards his mail to another MRN, and
his clueless forwarder always adds a 3rd party signature ?

The important point is the first DO NOT. the second would at
best save you (as the checking receiver) a few lines of code.

                               Bye, Frank


_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] canonicalization, Michael Thomas
Next by Date:  [ietf-dkim] Re: canonicalization, John R Levine
Previous by Thread:  Re: [ietf-dkim] Attempted summary, SSP again, Hector Santos
Next by Thread:  Re: [ietf-dkim] Re: Attempted summary, SSP again, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]