Steve Atkins wrote:
On Feb 27, 2007, at 5:40 PM, Michael Thomas wrote:
Eric Allman wrote:
Hector,
Dropping the "never send mail" statement doesn't mean you can't still
express the concept. Say "this domain always signs email" and then
have no selectors --- all mail that claims to originate from that
domain will have an invalid signature.
There may however be a good argument that there is a difference
between a message with a bad signature and a message that "cannot
exist" in the first place. That might make retaining the concept
worthwhile from an expressive standpoint, although there are some
feelings (not mine) that such a declaration is out of scope.
I'm pretty sure that I'd be willing to drop a piece of mail from a
source that says "I don't send mail" out of hand. I definitely wouldn't
do that for an unsigned message with "I sign everything" because it
might have been damaged in transit. So the semantics are not the same.
If you believe the semantics are not the same, then what does the statement
"I sign everything" actually mean to a recipient when associated with
unsigned
mail?
It means just what it says. It doesn't say anything about what could
happen after it signs it. A receiver ought to take that sort of thing
into account if it doesn't want a boatload of false positives.
Mike, I hope people aren't of the mindset that
dkim alone is sufficient to accept/reject messages
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html