ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] I send nothing

2006-07-26 17:39:13
from [Michael Thomas] [Permanent Link] 
Hallam-Baker, Phillip wrote:


That is not true.

I sign everything will still result in messages that have failed sigs due to 
mailing lists and such.

I send nothing is much more categorical. The data can go straight to the bit 
bucket

SSP is not very relevant in this case as that spec is not on standards track 
and DKIM is.
There seems to be two different cases of "I sign everything" that people have 
in mind. Mark's novel use seems to be the same categorical statement that
bigbank.com would make: "if you see something purportedly from me that
isn't signed, by all means treat with extreme prejudice".
The second use case is "I sign everything, but don't be too surprised if there are legitimate messages that lack valid signatures." This is the situation that many companies including mine will be in once we're signing everything. Is this a useful piece of information for receivers? My suspicion is that things like, oh 
say, spamassassin could make use of that when evaluating the sum total of a
message's spamminess.
Along with these two cases, we have the open question of, exactly, the policy is saying. Is it giving instructions or preferences to receivers, or is it just making a statement about what it does? I sort of thought that there was a preference for the latter kind of statement. If so, how does one phrase these two kinds of categories? 

      Mike


-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Mark Delany 
Sent: Wednesday, July 26, 2006 11:57 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] The URL to my paper describing the DKIM policy options
On Wed, Jul 26, 2006 at 04:30:15PM +0100, Stephen Farrell allegedly wrote:
I've always wondered why dkim is taking on the task of
supporting "I
don't send mail" since the statement makes no reference to
signatures
at all. Arguably, that's something that should be dealt with by someone else, who might also think about saying "I only send mail that's less than 1MB", or, "I only send invoices".
Especially since one can achieve that same effect by having an SSP that says "I sign" everything and then don't sign any email. 


Mark.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html 




_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html 

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] I send nothing, Douglas Otis
Next by Date:  Re: [ietf-dkim] I send nothing, Michael Thomas
Previous by Thread:  Re: [ietf-dkim] I send nothing, Arvel Hathcock
Next by Thread:  Re: [ietf-dkim] I send nothing, Scott Kitterman
Indexes:  [Date] [Thread] [Top] [All Lists]