From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hector Santos
Sent: Monday, February 26, 2007 1:11 PM
To: EKR
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Re: 1368 straw-poll :
In my view, it doesn't matter if its A, B, AB, XYZ or weaker or
stronger. It is about expectations.
if S says I only sign with A, then R should not see
signatures with B, X or Y.
I don't think anyone has suggested that semantic.
The semantic suggested here is 'I always sign with A', this says nothing about
B.
The problem is that when you advertise a key record for B you are in effect
saying 'I might sign with B'.
If your policy only allows you to state 'I always sign' and the receiver is
unable to support B (inevitably the case for some verifiers on day 1 of a
transition) then in that case the policy can be interpreted as 'I always sign
with B' which is equivalent to 'I always sign with an algorithm you don't know
how to verify'
That could well be the signature policy for some signers, but most signers will
in a transition sign with A and with B and all that is being said here is that
the policy language should be expressive enough to state this.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html