ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] NEW ISSUE: Security Threat: Unexpected Third PartySenders

2008-02-13 19:15:24
from [J D Falk] [Permanent Link] 
Hector ranted:


So why do you advocate an inherent "policy and mandate"
against allowing a domain owners (and the key words is
owners) the option and flexibility to opt out with a global
declaration -

       "I don't expect 3rd party signatures in my direct 1 to 1
        private email communications with my target recipients."


We get that exact statement from the "discardable" flag.

What ASP (and SSP-02) /don't/ permit is for a domain owner to say "I'm
cool with 3rd party signatures," either by prior agreement or random
happenstance.  That's what I want to leave out of scope, and deal with
in the future.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] ISSUE 1519: SSP-02:Author Signature scope too narrow, Douglas Otis
Next by Date:  RE: [ietf-dkim] NEW ISSUE: Security Threat: Unexpected Third PartySenders, J D Falk
Previous by Thread:  Re: [ietf-dkim] NEW ISSUE: Security Threat: Unexpected Third PartySenders, Hector Santos
Next by Thread:  [ietf-dkim] ISSUE: SSP-02:Author Signature scope too narrow (Updates ISSUE 1519), Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]