ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: ISSUE 1525 -- Restriction to posting by first Author breaks email semantics

2008-01-16 11:19:20
Dave Crocker wrote:
Jim,

Please read the following carefully and assume, just as a hypothetical, that I might actually have a legitimate basis for the assessment being offered and that there is a chance that your views are not automatically correct:


Jim Fenton wrote:
The goal of SSP is to determine the practices of the (alleged) author of the message.

That certainly describes the engineering focus that has been taken for the current draft. It does not necessarily represent the precise goal of SSP:

RFC 5016:
          While a DKIM signed message
   speaks for itself, there is ambiguity if a message doesn't have a
   valid first party signature (i.e., on behalf of the [RFC2822].From
address): is this to be expected or not?

This requirements statement is actually self-contradictory, since the words "speaks for itself" rather explicitly means that any signature is sufficient, while the rest of the sentence seems to mean that the wishes of the purported author dominate.

No it isn't. A signed message is a signed message. It doesn't say about
any relationship to any outside address. It speaks for itself. SSP is
about the subset of signatures that have a relationship with the From
address. Any signature is not sufficient by definition.


Whereas SSP began as a simple idea as a means of deciding whether an unsigned message should have been signed, it has morphed into an effort to validate the From field. That is a very, very different goal.

This is revisionist history. I've pointed to both of the historical
documents of IIM and DK which directly contradict you.

                Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>