ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] All done on potential SSP requirements?

2006-08-04 06:38:54

----- Original Message -----
From: "Stephen Farrell"

However, are there any potential SSP requirements that we've not
mentioned at all this past week or so?

Throughout all this, I tried to keep my contribution as generic as possible
sticking with protocol implementation and security issues. I don't know if a
specific item was missed or already covered, but my own input is best
summarized from the DSAP I-D proposal [1] as:

Goal:

   o  Protect domain DKIM message signing practices,
   o  Protect domain reputations,
   o  Reduce DKIM verification overhead,
   o  Simplify DKIM implementation design considerations,
   o  Help increase DKIM acceptability, and
   o  Help lower DKIM adoption barriers.

Security Considerations:

   o  Does the domain ever distribute mail?
   o  Do you expect the mail to be unsigned?
   o  Do you expect to sign all mail?
   o  Is your domain the exclusive signer?
   o  Are 3rd party signers or signatures allowed?
   o  Are 3rd party signers allowed to strip your original signatures?


--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com

[1] http://tools.ietf.org/wg/dkim/draft-santos-dkim-dsap-00.txt


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html