My requirements
I sign all
I sign nothing
I sign only 3rd party
I sign all and 3rd party
I sign some mail
My Policy/Practice
I sign all - every piece of mail purported to be from me must be signed
I sign nothing - If mail arrives with a DKIM sig I didn't send it
I sign only 3rd party - I only act as a signing domain for other
domains, I don't sign any of my own mail
I sign all and 3rd party- I sign all my mail and for other parties as
well
I sign some mail - I sign only mail that I am willing to swear that I am
responsible for
Thanks,
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Stephen Farrell
Sent: Thursday, July 27, 2006 1:21 PM
To: Douglas Otis
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] The URL to my paper describing the DKIM policy
options
Douglas Otis wrote:
On Jul 27, 2006, at 2:09 AM, Mark Delany wrote:
So it could be an alias entry in SSP then. One is called "I sign all"
and the other is called "I don't send". They both set the same bit.
There is a slight difference between these two scenarios. This
difference between "All Signed" and "Don't Send" becomes significant
when deciding what to do with an invalid signature.
Prsumably only if the domain published some key for some selector
though which I guess you'd only do if you actually do sign something
(or have crazy s/w that creates keys without saying so:-).
But we've probably fixated on this enough for Mike to have plenty of
options for writing 1st cut reqs text.
What other (sorts of) requirements have not yet been brought up?
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html