On Jun 1, 2006, at 12:39 PM, <Bill(_dot_)Oxley(_at_)cox(_dot_)com>
<Bill(_dot_)Oxley(_at_)cox(_dot_)com> wrote:
Doug,
Thanks for the clarification, so an assertion for subdomains that can
"opt out" of parent signing systems so that bill***(_at_)foo(_dot_)com is
authenticated with sig and bob***(_at_)foo(_dot_)com is not?
Partial mitigation of this issue was covered by the proposal:
http://mipassoc.org/pipermail/ietf-dkim/2006q2/003762.html
The ultimate control still remains with the TLD however. There are
no mechanisms currently within DKIM to limit sub-domain scopes for i=
email-address assurances.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html