ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] All done on potential SSP requirements?

2006-08-04 06:28:25
from [Hallam-Baker, Phillip] [Permanent Link] 
Hang on a second. 

We have requirements here for a policy mechanism. That's not the same as 
requirements for the SSP record.

The implementation of the policy mechanism may be concentrated in the policy 
record or split between the policy record and the key record. 

And don't try to claim that the key record is final, it is not. We were not 
allowed to discuss the policy aspects of the key record at the time of base. It 
was pointed out at the time that the key record is also part of the policy 
system and we were told then that we could discuss those issues now. 


I don't think we need to modify base but it does look to me as if we are going 
to possibly need to add features into the key records.

I don't think that is a serious problem either. We just end up with 
descriptions split between two documents. We can always refactor the documents 
at draft if people want the key record description 


One requirement that MUST appear in the document if the resulting spec is to 
clear the security review is as follows:

     It must be possible for Alice to publish a key record that describes 
     use of features such as canonicalization, digest or signature algorithm 
     that are not widely supported without negating the value of the policy 
     record.

I will explain why that is necessary in my next post.



-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Stephen 
Farrell
Sent: Friday, August 04, 2006 7:00 AM
To: ietf-dkim
Subject: [ietf-dkim] All done on potential SSP requirements?


Folks,

We've batted about a load of stuff this week on SSP requirements.
Some of it was new, some repeated from earlier rounds of 
discussion, but all of stuff we needed to go over. But I 
guess that Mike now has *plenty* of material to write up his 
reqs-00 I-D (which he'll hopefully still manage to keep very short:-)

Rather than try resolve our different opinions based on these 
list threads, I reckon we'd probably be better off waiting to 
and try get consensus on requirements until after we've seen 
them written down, so I suggest we let this week's discussion 
rest for a little bit while Mike writes.

However, are there any potential SSP requirements that we've 
not mentioned at all this past week or so?

Stephen.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html




_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] All done on potential SSP requirements?, Jeff Macdonald
Next by Date:  Re: [ietf-dkim] All done on potential SSP requirements?, Hector Santos
Previous by Thread:  Re: [ietf-dkim] All done on potential SSP requirements?, Hector Santos
Next by Thread:  Re: [ietf-dkim] All done on potential SSP requirements?, Stephen Farrell
Indexes:  [Date] [Thread] [Top] [All Lists]