ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] More formal definition of 3rd-party signatures?

2010-03-17 13:37:46
On 3/17/10 10:36 AM, Jeff Macdonald wrote:
If "or the more specific identity i= tag" was removed from the above
definition, would everyone agree that is the proper definition of a
third-party signature? That would mean:

From: foo(_at_)example(_dot_)com
DKIM-Signature: ... d=i.example.com

would be considered a third-party signature.
   
d=bar.example.com is unable to add a valid "author domain" signature for 
foo(_at_)example(_dot_)com(_dot_)   There would be no hierarchical authority 
permitted, 
otherwise.  See section 2.7 of RFC 5617.

One might want to equate Author Domain signatures with "first party" 
signatures, and all others as "third party".

Even d=example.com is unable to add a valid "author domain" signature 
for foo(_at_)bar(_dot_)example(_dot_)com(_dot_)  It does not seem logical to 
describe 
signatures as third-party when higher within the hierarchy than the 
author domain.

2.7.  Author Domain Signature

An "Author Domain Signature" is a Valid Signature in which the domain
name of the DKIM signing entity, i.e., the d= tag in the DKIM-
Signature header field, is the _same_ as the domain name in the Author
Address.  Following [RFC5321], domain name comparisons are case
insensitive.

  -Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>