In the particular case you are stating, you have clearly identified
where the mail was signed, no other assertion can or should be made
about the signature. The dkim-asp=fail only indicates that you may not
want to bypass your other anti-spam mechaninations
Bill Oxley
Messaging Engineer
Cox Communications
404-847-6397
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of SM
Sent: Tuesday, April 29, 2008 8:42 PM
To: Douglas Otis
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Section 3.1 - ASP Usage
At 16:27 29-04-2008, Douglas Otis wrote:
Do you think there should be a statement indicating the ADSP lookup
procedure should not be done when there is a valid Author Domain
signature? Perhaps the receiving domain only validates DKIM
signatures when ADSP indicates Discardable. : )
My question is about the implementation of ssp-03. The example which
was tested is an odd case as we have a dkim=pass and
dkim-asp=fail. Section 3.1 of the draft says:
If a message has a Valid Signature from an Author Domain, ASP
provides no benefit relative to that domain since the message is
already known to be compliant with any possible ASP for that
domain.
I read that as meaning that as the ASP (ADSP) lookup is not done
then. I'm not saying that it should not be done. :-)
Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html