ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] Re: 1368 straw-poll :

2007-02-26 12:17:50

From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hector Santos
Sent: Monday, February 26, 2007 1:11 PM
To: EKR
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Re: 1368 straw-poll :

In my view, it doesn't matter if its A, B, AB, XYZ or weaker or 
stronger.   It is about expectations.

if S says I only sign with A, then R should not see 
signatures with B, X or Y.

I don't think anyone has suggested that semantic.

The semantic suggested here is 'I always sign with A', this says nothing about 
B.


The problem is that when you advertise a key record for B you are in effect 
saying 'I might sign with B'.

If your policy only allows you to state 'I always sign' and the receiver is 
unable to support B (inevitably the case for some verifiers on day 1 of a 
transition) then in that case the policy can be interpreted as 'I always sign 
with B' which is equivalent to 'I always sign with an algorithm you don't know 
how to verify' 

That could well be the signature policy for some signers, but most signers will 
in a transition sign with A and with B and all that is being said here is that 
the policy language should be expressive enough to state this.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>