ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] NO DKIM "POLICY"

2009-02-19 17:31:17
What is the current recommended method to establish or expose that a 
DOMAIN should not be signed, is not expected to be signed and that any 
DKIM supportive receiver seeing a message with a signature from a 
purported domain should be rejected with full confidence?

That's easy: don't publish any key records.  If a verifier tries to
look up a key record for a signature that doesn't exist, it should get
the hint.

By design, a broken signature is equivalent to no signature.

R's,
John
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html