----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>
Netnews is a separate case, but again not worth delving into here.
It is out of scope but well worth people looking into. My guess would be
that it should just work. NNTP is a much cleaner environment as
NNTP servers do not as a rule make arbitrary conversions to
messages as many SMTP servers do.
Agree. Also NNTP has a stronger posting requirement. The loopholes have been
ironically the advent on web site systems, which started out as readers, but
now are allowing posting as well.
Deploying DKIM just within the NNTP environment as a spam control
measure could make a lot of sense. It will inevitably happen as
people write DKIM aware mail/news clients.
I can easily see adding one quick feature to our NNTP server to support some
level of DKIM/SSP.
Example: SSP control logic to handle ARTICLE posting.
With a few lines of code, the NNTP server can easily check to make sure the
From: domain is not using a *restrictive* domain SSP, such as a high value
domain who have absolutely, uncategorically, no interest in seeing
uncontrolled users masquerading their domain entity in news groups
This would be server side so it would handle ALL RFC news reader MUA
clients. No change required to DKIM/SSP specs that I can see off hand.
But beyond this, it gets hairy.
My wish for this DKIM/SSP effort is to first focus on server-side, transport
operations because no matter what, that needs to get done first. We can't
depend on the "new" MUA becoming the requirement for DKIM/SSP
One we get the backend protocol requirements all worked out, then we can
write new guidelines and interface requirements for MUAs.
NOTE WELL: This list operates according to