Re: [ietf-dkim] Another take on "all email from us is dkim signed"

On Wed, Mar 11, 2009 at 3:33 PM, Steve Atkins 
<steve(_at_)wordtothewise(_dot_)com>wrote:


Did we already look at this idea and discard it before we settled on
using a DNS query for every email received?



Discussed, not discarded.  AFAIR,  the general feeling is that Lookups are
cheap today.

As defined by the SSP design requirements, the guideline is that policy
lookup is only required for an invalid or no signature inbound scenario.
 The Threats Analysis provided the universal agreement among all pro and con
policy people that a valid 1st party signature does not require a policy
lookup.

The complexity was the authorization of 3rd party signatures, which I though
was removed with ADSP reduction to 1st party considerations only.

But as was expected, you could not entirely do away and remove the idea,
hence you have the mess that is going on now with i=.

-- 
hls

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] Moving on to ADSP - was RE: Handling the errataafter the consensus call, HLS

Next by Date:

Re: [ietf-dkim] Another take on "all email from us is dkim signed", MH Michael Hammer (5304)

Previous by Thread:

[ietf-dkim] Another take on "all email from us is dkim signed", Steve Atkins

Next by Thread:

Re: [ietf-dkim] Another take on "all email from us is dkim signed", Mark Delany

Indexes:

[Date] [Thread] [Top] [All Lists]