Hallam-Baker, Phillip wrote:
That is not true.
I sign everything will still result in messages that have failed sigs due to
mailing lists and such.
I send nothing is much more categorical. The data can go straight to the bit
bucket
SSP is not very relevant in this case as that spec is not on standards track
and DKIM is.
There seems to be two different cases of "I sign everything" that people
have
in mind. Mark's novel use seems to be the same categorical statement that
bigbank.com would make: "if you see something purportedly from me that
isn't signed, by all means treat with extreme prejudice".
The second use case is "I sign everything, but don't be too surprised if
there
are legitimate messages that lack valid signatures." This is the
situation that many
companies including mine will be in once we're signing everything. Is
this a
useful piece of information for receivers? My suspicion is that things
like, oh
say, spamassassin could make use of that when evaluating the sum total of a
message's spamminess.
Along with these two cases, we have the open question of, exactly, the
policy
is saying. Is it giving instructions or preferences to receivers, or is
it just making
a statement about what it does? I sort of thought that there was a
preference for
the latter kind of statement. If so, how does one phrase these two kinds
of categories?
Mike
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Mark Delany
Sent: Wednesday, July 26, 2006 11:57 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] The URL to my paper describing the
DKIM policy options
On Wed, Jul 26, 2006 at 04:30:15PM +0100, Stephen Farrell
allegedly wrote:
I've always wondered why dkim is taking on the task of
supporting "I
don't send mail" since the statement makes no reference to
signatures
at all. Arguably, that's something that should be dealt with by
someone else, who might also think about saying "I only send mail
that's less than 1MB", or, "I only send invoices".
Especially since one can achieve that same effect by having
an SSP that says "I sign" everything and then don't sign any email.
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html