ietf-dkim

Re: [ietf-dkim] I send nothing

2006-07-26 17:22:47

On Jul 26, 2006, at 4:25 PM, Steve Atkins wrote:

> On Jul 26, 2006, at 12:58 PM, Hallam-Baker, Phillip wrote:
>
>> That is not true.
>>
>> I sign everything will still result in messages that have failed sigs due to mailing lists and such.
>>
>> I send nothing is much more categorical. The data can go straight to the bit bucket
>
> But surely if you assert "I sign everything" then any mail that is unsigned (where "signature corrupted by mailing list" is identical to unsigned) should go straight to the bitbucket.

No. Invalid signatures are to be ignored. In the case of a mailing list, an invalid signature may be common for many years. Only when there is an assertion that mail is never sent, can mail be outright rejected, however scant.

> Or are you suggesting that an email from a sender who "signs everything" that arrives with an invalid signature should be treated as valid? If so, DKIM+SSP is worthless. If not, then the two assertions are identical in result.

The real value would be found including Designated Signing Domain Lists as part of the policy. Annotations that an email-address is associated with the signing domain could provide value from an assurance standpoint.

-Doug
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
