On 8/9/06, Stephen Farrell <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
wrote:
Damon wrote:
> 8. The Protocol is not required to publish a Practice of any/all
> unreleated third parties that MUST NOT sign on the domain
> holder's behalf.
>
> [INFORMATIVE NOTE: this is essentially saying that the
> protocol doesn't have to concern itself with being a
> blacklist repository.]
>
> Spelling issue: unreleated = unrelated
>
> also
>
> This might be a semantics issue but, does this mean that, while it is
> not required, it is still an option to be able to publish who MUST NOT
> sign?
As I read it, it says that the (SSP) protocol MUST NOT have that
feature. Some other protocol might.
Personally I think this is right since I can't think of any
reason why the presence of a signature would in itself be a
negative. I guess that 5.3, req #9 also more-or-less says this.
I (and others, I expect) would argue strongly that it would
be wrong to do otherwise.
We had a related discussion about whether mail is required to
be routed directly or not, but that should IMO be separate from
this and doesn't currently seem to be in the document, which
again I think is probably correct, though others may differ.
Stephen.
PS: The above is with chair hat off, of course.
I am thinking that the purpose of the original discussion was to keep
the OA's reputation from being tarnished by the subsequent signers.
Like it or not, the sig is likely going to be tied to reputation
somehow anyway. Are there any thoughts on how to avoid this?
Regards,
Damon Sauer
<I have all my hair so no need to wear a hat>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html