Sure thing!
The purpose of SSP is to detect unauthorized domain use. This can not
be achieved if the spec assumes that a signature from just anybody
what-so-ever is OK. So, the engineering rationale for rejecting your
idea is that accepting it would mean a complete defeat of the purpose.
Arvel
Dave Crocker wrote:
Arvel,
It would help to have some engineering rationale and market demand
commentary to flesh our a call for "utter" rejection.
d/
Arvel Hathcock wrote:
All text that causes SSP to be applied to an already-signed
message needs to be removed.
-1. That simply has to be utterly rejected.
A DKIM signature is a statement of responsibility. When a signature
is present, an organization has taken responsibility for the message.
That's fine for DKIM-Base. We're discussing SSP though.
Arvel
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html