Hector Santos wrote:
Jim,
Isn't this is a contradiction here?
First you made a statement that the "DKIM WG has no authority to
create a policy framework describing the overall use of email, just
the use of DKIM."
But then yet you just went ahead and described one anyway, further you
went ahead and dictated receiver design.
I'm just saying that there's way to accomplish very much the same thing
as is being requested by expressing the policy in a way that is (IMO)
in-scope for the DKIM working group.
I am not trying to dictate receiver design. Receivers can continue to
do whatever they want. But many receivers will be interested in the
alleged sending domain's suggestion for how they would like unsigned
mail supposedly from their domain to be handled. There is no mandate
for the receiver to do so.
Just think about this:
Do you considered a message that is not DKIM signed has a presumption
of invalidity? Thus promoting a SSP check?
There is no presumption of invalidity, any more than there is a
presumption that messages being content filtered are spam. If SSP says
that the messages should have a valid signature and they don't, then
there might be a presumption of invalidity (although I would prefer to
call it "suspicious") but that a result of the SSP check, not a
presumption of an unsigned message by itself.
-Jim
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html