ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] "I sign everything" is not a useful policy

2006-08-08 08:42:25
from [Damon] [Permanent Link] 
Soooo......

How's the weather?

Nice and HOT here in Atlanta :)



Damon




On 8/8/06, Stephen Farrell <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> 
wrote:


Again - this raises no new technical issue. So, let's please
wait and work on reqs-00's text,

Stephen.

Damon wrote:
> Friends,
> Let it never be said that I am inflexible and can't change my mind
> from good arguments.
>
> After a restless night thinking about this, I am going to change my
> thoughts just slightly.
>
> All email that has a munged sig or no sig that comes from an "I sign
> all" domain should be expected not to reach its destination.
>
> I want to see:
>
> "I sign all" and/or these domains can sign for me. If the message is
> not signed, it is expected by me that the messages will not reach its
> destination.
>
> "I sign none" Nothing from me at this domain should be signed. If it
> is, it is expected by me that the message will not reach its
> destination.
>
> "I sign all" only from this domain(s) or _FDQN(s)_. Messages from this
> domain(s) or FDQN(s) that are not signed are expected by me not to
> reach their destination. However, messages coming from everywhere else
> may or may not be signed. I expect that these messages will not be
> effected under this policy.
>
> I think that these policies should cover every scenario I can think of.
>
> The FDQNs are important. As an admin who has several gateways at the
> same domain, it would be nice to be able to route some mail fitting a
> policy to a particular MTA to have it signed and delivered without
> effecting my other mail.
>
> If munging is too much of an issue, turn the policies off, fix the
> problem, turn them back on. I don't think we should stop work just
> because this _might_ happen. The benefits outweigh the risks.
>
>
> Regards,
> Damon Sauer
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>



_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] SSP requirements, Stephen Farrell
Next by Date:  [ietf-dkim] Re: "I sign everything" is not a useful policy, Frank Ellermann
Previous by Thread:  Re: [ietf-dkim] "I sign everything" is not a useful policy, Stephen Farrell
Next by Thread:  [ietf-dkim] Re: "I sign everything" is not a useful policy, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]