ietf-dkim

Re: [ietf-dkim] Delegating responsibility: a make vs. buy design decision

2006-08-23 21:44:59
On Thu, 24 Aug 2006 01:28:48 +0100 Stephen Farrell 
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:

Dave Crocker wrote:
So, the degree of enforcement for the content of *any* signed field is not
stated as part of DKIM's specification.

For DKIM-base, yes, but not for DKIM.

Yes, that sounds right. DKIM-base says how to sign stuff but really
says little about what that stuff might mean.

Yes, but DKIM-SSP gets beyond that.  The content of the 2822.From has to be 
meaningful.

If so, then that doesn't seem to be dependent on the "SSP DSD"
mechanism. I've no position on whether that's right or not, but
haven't understood what the "SSP DSD" mechanism changes.

I think it changes not much.  An operator signing first party needs to 
ensure 2822.From isn't forged.  This is true whether they sign first party 
based on the signing domain being the same or by being a DSD.

Scott K
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html