When a message is received, the only thing we truly can determine is the
IP it came from (in most cases), no matter what authority or ruleset
subsequent headers assert. Now DKIM asserts responsibility for signing
but may not be the sender. Perhaps SSP should be asserted by the signing
domain so responsibility can be narrowed to a single party. I see a lot
of DKIM spam in the wild, so we will have to ascertain
reputation/accreditation regardless, but at least we will have an entity
of some sort to assign responsibility to. Highly phished sites will have
look-alike issues regardless of what we assign as determinate SSP
lookup headers.
Thanks,
Bill Oxley
Messaging Engineer
Cox Communications
404-847-6397
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Jim Fenton
Sent: Thursday, January 17, 2008 12:45 PM
To: Jon Callas
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Re: ISSUE 1525 -- Restriction to posting by
firstAuthor breaks email semantics
Jon Callas wrote:
> I think we should fall back to a minimal SSP that contains only the
> "I-SIGN-ALL" policy, and we let the real-world deployment and desires for
> additions control more in SSP than that. SSP2 can start in a year or
> two, and then we see what is needed in the real world. We can even
> have experimental things in the field to test them.

That's a suggestion in a different direction (issue #1520). The issue
here is how we obtain the policy, be it the minimal "I-SIGN-ALL" that
you advocate or the richer policy that is in the current draft. Is it
queried based on the [first] author's domain, the authors' domain(s), or
the sender's domain?
-Jim
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html