ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] NEW ISSUE: Security Threat: Unexpected Third PartySenders

2008-02-13 00:25:49
>> Hector wrote:
>>
>> The fallacy in the "common use case" opinion stated above is
>> that it has limited insight and is based on the idea that
>> most domains may wish to be part of a 3rd party Bulk mailer
>> system or will part of a prior 3rd party agreement or have a
>> inherent TOS with 3rd party signers.

J D Falk wrote:

> That's not quite what we had in mind.  As I see it, 3rd party
> signing is only acceptable when the domain owner wants to permit
> it -- so if there's no agreement, the entire discussion of 3rd
> party signing is irrelevant.

This sounds like an OPT-OUT signing model.

So why do you advocate an inherent "policy and mandate" against allowing a domain owners (and the key words is owners) the option and flexibility to opt out with a global declaration -

      "I don't expect 3rd party signatures in my direct 1 to 1
       private email communications with my target recipients."

--
Sincerely

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html