On Thu, 30 Nov 2006 16:04:35 -0000, Michael Thomas <mike(_at_)mtcc(_dot_)com>
wrote:
Charles Lindsey wrote:
On Wed, 29 Nov 2006 13:44:30 -0000, Scott Kitterman
<ietf-dkim(_at_)kitterman(_dot_)com> wrote:
SSP needs an identity to key off of to lookup a policy. The agreed
identity
for that is 2822.From for several reasons:
But that is wholly back to front. The SSP policy to look up initially
should be that of the domain making the signature.
What signature? SSP is for the case when you get a piece of mail whose
signature
is either missing altogether, broken, or doesn't fit the requisites for
the SSP policy.
If you have a signature, then all I am suggesting is that you first look
at the SSP of a signer to see if that provides a satisfactory explanation.
For sure, you now know where the mail DID come from. If that domain is not
one of the domains in From, then maybe you then need to look as some From
SSPs.
If there is no signature, then you have less to go on. But even then,
knowing where it was alleged to come from (Sender) is information of a
sort, though you are more likely to need a From SSP as well.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html