ietf-dkim

Re: [ietf-dkim] I sign nothing / only only 3rd party / some mail

2006-07-27 16:15:12
----- Original Message -----
From: "Paul Hoffman" <phoffman(_at_)proper(_dot_)com>
To: <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Thursday, July 27, 2006 2:26 PM
Subject: [ietf-dkim] I sign nothing / only only 3rd party / some mail


> I am completely confused by "I sign nothing" and "I sign only 3rd
> party" and "I sign some mail". I don't see the value of those to the
> recipient.
>
> "I sign nothing" seems weird. If I have something signed by your
> domain, and I cannot get the signing key from your domain, "I sign
> nothing" adds no value. The signature is invalid.

When you have an "Ignore if invalid/error" BASE methodology, the SSP and
DSAP declarations are explicit in telling you what to expect.

> "I sign only 3rd party" has the same attack problem as "I sign nothing".

I don't see the attack problem in "I sign nothing" so...

> "I sign some mail" doesn't tell the recipient anything useful.

Agree.  Relaxed policies will be more abused, as with anything relaxed. But
let's not confuse it with multiple domains where each has a different
policy.  The problem with relaxed policies is when the ratio of abuse vs.
success gets higher.  So it's fine until it starts getting abused and it
might begin to affect all transactions from the domain.  That might be good
or bad.

> What am I missing?

You are telling the world about what you expect with any purported domain
junk coming their way.  The BASE doesn't help them.  SSP does.

---
HLS


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
