robert(_at_)barclayfamily(_dot_)com wrote:
Agreed, and one of the things a domain owner knows in at least some
situations is what policies they have set for users of that domain about
how they are allowed to use that domain. Clearly this is not the case
for a the majority of domains on the internet, but how many have to be
able to make this assertion for it to be useful to have in the standard?
I suspect that "how many" needs to be a secondary criterion, where the primary
one is characterization of the group(s) to which the mechanism is useful.
If we have some differential statements of constituencies and scenarios to
which a given feature applies -- sometimes called an applicability statement
-- then we can make much more realistic statements about utility.
Some constituencies are few in number but big in impact. That's fine. As
long as we can characterize them and convince ourselves that they will benefit.
By asserting that any mail that claims authorship from a domain I
control must be signed by me I'm not making any particular assertion
about why any other mail might not fit that policy. Just the fact that
it does not.
(just to make sure: "by me" means "by the same domain as listed in the author
field?)
At any rate, phrased in the way that you have phrased it, I believe you are
correct.
However, if you state that all mail claiming authorship from a domain is
signed by that domain, then there is an inescapable implication about unsigned
mail claiming that authorship. There is not need to state the implication
explicitly.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html