On Thu, Aug 03, 2006 at 08:14:19AM -0700, Dave Crocker allegedly wrote:
In other words, I think that fate-sharing is inherent here, where two
different
domain names can be identified.
Why would your ISP be identified and, even if it is, why would its
signature, as a third-party, be more relevant than your signature, as
a first party?
Some will do their own signature "just to be safe". Certainly their IP
address
will be obtained as it is now.
Which I think is the point. Filters already thrive on diversity, so
it's not clear to me that we will be able to impose much uniformity on
that front.
The only mandate I think we could possibly make towards uniformity is
if we said that signers MUST remove all existing signatures. If
verification ever allow the presence of multiple signatures, then
pretty much all bets are off as to how deployments will add
signatures.
Having said that. In the dim distant past we did talk about origin
signatures and relay signatures (or some such, I forget the exact
nomenclature for the moment). So I suppose if we can clearly
distinguish origin signatures from relay signatures, that might be
useful.
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html