----- Original Message -----
From: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
Anyway I guess this is just another argument to require support for
inclusion of some kind of allowed-signer list in SSP statements, and
maybe also for a requirement that the SSP statements should be able
to be "sourced" independently of key records. I guess the WG should
consider both requirements and adopt 'em or drop 'em, so including
them for now is probably right.
+1 for both - signer list, independent records.
Incidentally, the DSAP proposal currently considers an "allow list" tag
definition:
4.3. DSAP Tag; 3pl=<dom-list>;
The 3pl= is an optional tag that defines a list of 3rd party domains
who are allowed to DKIM sign the message as a 3rd party signer. This
tag is ignored unless 3rd party signing policy is expected or
optional (3p=always or 3p=optional).
<dom-list> is a comma delimited list of domain names.
Example:
3pl=isp.com,outsource.com,mailinglist.com;
One initial and obvious design consideration is length limit related. One
reviewer did suggest some 'include' concept or protocol to access large
list.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html