Charles Lindsey wrote:
On Wed, 29 Nov 2006 13:44:30 -0000, Scott Kitterman
<ietf-dkim(_at_)kitterman(_dot_)com> wrote:
SSP needs an identity to key off of to lookup a policy. The agreed
identity
for that is 2822.From for several reasons:
But that is wholly back to front. The SSP policy to look up initially
should be that of the domain making the signature.
What signature? SSP is for the case when you get a piece of mail whose
signature
is either missing altogether, broken, or doesn't fit the requisites for
the SSP policy.
But OTOH suppose the SSP of the signer said:
"We are a list expander and resign all messgaes because we have
corrupted any original signatures, but only after we have checked the
validity of those original signatures", then what are you going to do?
Ignore them in absence of any other information. If I don't know you, I
really don't
care much about what your third party role is since you could be lying
and trying
to get me make the, oh say, From address look more believable than it is.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html