Doug,
That was agreed to be closed on the jabber session.
No-one spoke against that, so please consider this closed/rejected.
(Eliot - you can close it now, thanks.)
Stephen.
Douglas Otis wrote:
https://rt.psg.com/Ticket/Display.html?id=1358
Prior to the policy requirements, there were several supporting this
concept of "strict". There is a need for more than just an assertion
that "all messages are signed." Making an assertion that "all messages
are signed" might mean only messages with invalid signatures should be
introduced by services known to damage signatures. This would be an
incorrect assumption when dealing with commerce related transactions
from a heavily phished domains. The need for this added assertion is
already found in Eric's latest SSP draft.
Two assertions are required when all messages are initially signed.
Otherwise the partial information of "all messages are signed" may
induce improper handling. This would be especially true when sources
known to damage signatures are used to enable exceptions.
To avoid improper handling two assertions must be allowed:
1 ) All messages are signed.
2 ) Services that might damage the signature are avoided.
-Doug
_______________________________________________
NOTE WELL: This list operates according
tohttp://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html