John Levine wrote:
If SSP is going to have any utility whatsoever, it cannot be defeated
by the mere act of signing a message from any random domain. Period.
Well, OK. That sounds like a request to remove the language about
Verifier Acceptable Third-Party Signatures, since the sender has no
idea what signing domains the verifier would consider acceptable.
I'll be happy to send in an issue request referring to the specific
sections in the draft.
Absolutely. That is, in fact, what issue 1512 is about. Any text
trying to say what receivers do with non-first party signatures
should be removed as out of scope, IMO.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html