On Dec 9, 2007, at 5:03 PM, Arvel Hathcock wrote:

> The purpose of SSP is to detect unauthorized domain use.

I disagree on this. The purpose of SSP is for the sender to give the
receiver a hint as to what to do with messages that have broken
signatures.

In a number of cases, such as a policy of "sign-all," this may have
the *effect* of lowering unauthorized domain use, because the
receivers will be more inclined to black-hole a message with a broken
signature. If my MTA had a checkbox that enabled this, I'd probably
check it.

Unsigned messages are still something I'm not comfortable with. While
they are a case of broken-signature-messages, and again, if my MTA
had a check box that said "Check sender's SSP for unsigned messages,"
I would probably check that, too.

However, I'm still uncomfortable with declaring that all non-DKIM
emails are all of a sudden broken-signature-messages.

Jon
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html