----- Original Message -----
From: "Stephen Farrell"
However, are there any potential SSP requirements that we've not
mentioned at all this past week or so?
Throughout all this, I tried to keep my contribution as generic as possible
sticking with protocol implementation and security issues. I don't know if a
specific item was missed or already covered, but my own input is best
summarized from the DSAP I-D proposal [1] as:
Goal:
o Protect domain DKIM message signing practices,
o Protect domain reputations,
o Reduce DKIM verification overhead,
o Simplify DKIM implementation design considerations,
o Help increase DKIM acceptability, and
o Help lower DKIM adoption barriers.
Security Considerations:
o Does the domain ever distribute mail?
o Do you expect the mail to be unsigned?
o Do you expect to sign all mail?
o Is your domain the exclusive signer?
o Are 3rd party signers or signatures allowed?
o Are 3rd party signers allowed to strip your original signatures?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
[1] http://tools.ietf.org/wg/dkim/draft-santos-dkim-dsap-00.txt
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html