
Re: [ietf-dkim] Re: 3rd party signing

2006-07-31 13:24:08

----- Original Message -----
From: "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net>
To: <Bill(_dot_)Oxley(_at_)cox(_dot_)com>


There is a pretty substantial history that says that Internet
protocols succeed when they are simple and precise and that
their core semantics carry little or no opportunity for
making semantic choices.

I agree, and in my view, SSP and DSAP are consistent with this old-school
mentality but with a renewed focus not to play down the obvious for the sake
of unrestricted usefulness which in the old days, the problems were
rightfully negligible.

That doesn't apply today with a high alertness of security and abusive
nature of email broadcasting.

SSP/DSAP addresses the unprotected semantics of the DKIM-BASE protocol.

The problem seems to be that these DKIM-BASE defined semantics do not need
protection.

Overall, the DKIM-BASE protocol consistency questions will be:

  o  Does the domain ever distribute mail?
  o  Do you expect the mail to be unsigned?
  o  Do you expect to sign all mail?
  o  Is your domain the exclusive signer?
  o  Are 3rd party signers or signatures allowed?
  o  Are 3rd party signers allowed to strip your original signatures?

These are basic fundamental signature authorization considerations that are
lacking in the core DKIM protocol message signature methodology.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com







_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html