Barry Leiba wrote:
It's definitely not relevant to the threats doc, but I do think it could
be a useful discussion to have about the base doc. We've suggested that
domains that want to divide their reputation create subdomains (the sort
of thing like "official.bigbank.example" vs "users.bigbank.example"),
but for various reasons not all domains want to do that. It would be a
reasonable discussion to have if one wanted to propose a tag in the key
that defined the level of "officialness" or "trust" or some such that
the signing domain places on the use of this key. That allows the
domain to use selectors, rather than subdomains, to make this division.
That's more of an issue of SSP, right? It's with SSP that you'd
like to subdivide the policy (or pronouncement, or pedagogy, or
one of those P words). -Base doesn't really care one way or another
about this as it doesn't make any statement about the binding
of the identity to a policy.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html