Dave Crocker wrote:
Stephen Farrell wrote:
There's a fair bit of mail out there that doesn't fit this scenario,
i.e. which is signed by an entity other than those in the designated
headers.
If there are data available demonstrating this, that would be good to
see.
Stephen, that requirement needs to work both ways.
Just to clarify. I wasn't trying to impose any requirement. If
such data exist and can be made available that may well help us
to make decisions. If it doesn't exist, is hard to gather or
commercially sensitive or whatever, then we'll have to live with
that and do our best.
> It is, for example, why I noted that SSP needs a real and separate
> threat analysis, and statement about the scenarios it applies to and >
> those it does not.
Sure. Those are fine, but different, things.
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html