From: william(at)elan.net [mailto:william(_at_)elan(_dot_)net]
On Wed, 12 Apr 2006, Hallam-Baker, Phillip wrote:
I disagree.
I think the semantics are 'don't count on being able to verify this
message after this date'.
This is signer's policy information. From what I've seen so
far it's largely the same set of people who are against this
as those against what you call SSP. I'm afraid this may be a
light prelude to what you'll see in SSP debates....
It is certainly the case that an SSP might want to make a statement of the
form 'signatures will be good for at least 2 weeks from the date of
signing'. I think that a case can be made for putting the info in the
signature itself as well. That way the verifier can decide to skip attempts
to obtain the key if that is its policy.
As far as I am concerned definition of a security policy for an Internet
protocol has not been seriously tried to date (except for MARID). The lack of
security policy is one of the main reasons that S/MIME and PGP are not
suitable for the task at hand. I have yet to hear a single convincing
argument against making the attempt. The proper time for such arguments to
be made is after the initial spec has reached PROPOSED standard and there is
adequate deployment experience to rely on.
Let's do our job first and then discuss these issues.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html