ietf-dkim

RE: [ietf-dkim] Re: How to reconcile passive vs active?

2006-08-08 08:57:21
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Frank Ellermann

Hallam-Baker, Phillip wrote:

The receiver decides how to interpret that information. It must be
very clear (a MUST) that I sign all is not the same as instructing the
receiver to do an automatic reject. That is why I don't want to see
anything that smacks of telling the receiver what to do.

This message apparently contradicts itself.  There's no such 
"MUST" in "I sign all", and it's perfectly okay if receivers 
decide to reject unsigned "I sign all" mails.  If they decide 
to accept it anyway it's most likely silently dropped later, 
or bounced to innocent bystanders (1), and that would be bad.

We are writing instructions to the authors of the software packages, not the 
operators of such.

A DKIM signature verification package which automatically bounced messages that 
failed sig verification would be broken in my view.

An operator at an ISP who set the policy automatic bounce for Paypal, Ebay and 
some others would be entirely sensible. It would not be good to have that 
option at the SEC or any other regulatory body that accepts statutory notices.


I think we can actually come to consensus here. Despite the amount of heat, we 
are actually saying compatible things. It's just a question of the right level.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
