ietf-dkim

Re: [ietf-dkim] New Issue: Misleading figure in 1.1

2006-03-05 17:17:47
Frank Ellermann wrote:
Hector Santos wrote:

ProcessB() - SSP lookup

    - Message Arrives
    - OA SSP Policy lookup
       - EXCLUSIVE
           - Two Signers found --> REJECT

I would think ProcessB() is more ideal, more efficient and
100% DKIM/SSP compatible, and more importantly with a
rejection result that is most likely to be more correct
than ProcessA() acceptance of an OA domain policy violation.

IBTD for your "Two Signers found --> REJECT" shortcut.  It's
enough to reject it if no signature matches the SSP domain.

BUT I think anything else you said here is correct, and this is
not reflected in the first figure of the "threats" draft.  I've
now stated this at least five times, time to get a ticket.  Bye

I thought about this while working on the forthcoming revision to the
threats document, and decided not to change the diagram.  I agree that
there are perhaps more optimal ways of doing the verification, but the
lead-in to the diagram says it is a "typical usage flowchart" for DKIM. 
It's setting the context for the rest of the threat analysis, so it's
just showing how signing and verification could be done, not necessarily
the best way.  I think it's beneficial to go with the simplest example
possible here.

-Jim
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
