ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Are verifiers expected to query SSP on a successful verify?

2006-07-31 12:16:45
from [Tony Hansen] [Permanent Link] 
Dave Crocker wrote:

Alas, it was pointed out to me that SSP does indeed have a requirement for a
lookup even when the message is signed.  This is when there is so-called
third-party signing.  (I believe this means when the domain in the 
rfc2822.From
does not make the DKIM d= domain.)


I would at a minimum include rfc2822.Sender in this check: third part
signing is when the DKIM d= domain is not equal to either the
rfc2822.From's domain nor the rfc2822.Sender's domain.

        Tony Hansen
        tony(_at_)att(_dot_)com
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Are verifiers expected to query SSP on a successfulverify?, Hector Santos
Next by Date:  RE: [ietf-dkim] A few SSP axioms, Hallam-Baker, Phillip
Previous by Thread:  Re: [ietf-dkim] Are verifiers expected to query SSP on a successfulverify?, Hector Santos
Next by Thread:  Re: [ietf-dkim] Are verifiers expected to query SSP on a successful verify?, Dave Crocker
Indexes:  [Date] [Thread] [Top] [All Lists]