Dave Crocker wrote:
Stephen Farrell wrote:
> I assume his concern was with unsigned (or maybe even DKIM-signed?)
mail from a bad actor, purporting to be from his little domain.
If the verifier looked up the little domain's SSP and found that e.g.
all mail from little domain is supposed to be signed by the ISP
What proposed SSP flags, configuration and usage will enable a receiver to know
that a particular (rfc2822.From?) domain's messages must be signed by a
particular ISP?
I don't think it's hard to envision such a protocol element, where
I get stuck is how you do so in a way that doesn't blow out all kinds
of other requirements. It's tempting to put this sort of requirement in,
but if the end result is that it can't be done without violating other
more fundamental requirements then it should be eliminated. I've
been tentatively calling these sort of things "provisional" requirements
in that they need to
a) demonstrate a constituency
b) demonstrate that they can be done without violating other requirements.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html