ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP to unsigned messages

2008-01-24 13:34:43
from [Wietse Venema] [Permanent Link] 
Arvel Hathcock:

I would take this further: remove all text that says when to apply
SSP.  Instead, provide text that states the contribution that SSP
can make under different conditions:  mail with valid first-party
signature, mail with valid third-party signature, and mail without
valid signature.
  


I mostly agree with Wietse's proposal.  Yes, I'm aware that diverges 
sharply from the current draft.


I could get behind Wietse's proposal also if it hadn't started with "I 
would take this further."  I'm concerned with the "this" he refers to 
which encourages avoiding SSP completely in the presence of a verifiable 
signature from just anybody whom-so-ever.  I view that notion as 
completely defeating SSP.


I am not discouraging SSP.

"take this further" refers to the deleted text that directly preceded it:


All text that causes SSP to be applied to an already-signed message 
needs to be removed.


I propose that we remove not only this text but also other text
that says when to apply SSP.

        Wietse
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Seriously., Damon
Next by Date:  Re: [ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP tounsigned messages, Steve Atkins
Previous by Thread:  Re: [ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP to unsigned messages, Damon
Next by Thread:  Re: [ietf-dkim] Re: ISSUE 1521 -- Limit the application of SSP to unsigned messages, Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]