McDowell, Brett wrote:
BTW, one thing I think we can agree on and find value from
in these pre-deployment email discussions is terminology. I ran
into a problem at the last MAAWG during a panel discussion where
my understanding of "3rd-party signature" is what someone else meant
by "2nd-party signature". What is the real definitions of
"1st-party", "2nd-party" and "3rd-party" signatures in the context
of DKIM and ADSP, i.e. in the context of i= and d= and from: values?
Brett,
I can't speak of how "2nd party" is used within DKIM framework, but
you can review RFC 5016 with defines the terminologies for POLICY.
Requirements for a
DomainKeys Identified Mail (DKIM) Signing Practices Protocol
http://tools.ietf.org/html/rfc5016
2. Definitions and Requirements Language
o Domain Holder: the entity that controls the contents of the DNS
subtree starting at the domain, either directly or by delegation
via NS records it controls.
o First Party Address: for DKIM, a first party address is defined to
be the [RFC2822].From address in the message header; a first party
address is also known as an Author address.
o First Party Signature: a first party signature is a valid
signature where the signing identity (the d= tag or the more
specific identity i= tag) matches the first party address.
"Matches" in this context is defined in [RFC4871].
o Third Party Signature: a third party signature is a valid
signature that does not qualify as a first party signature. Note
that a DKIM third party signature is not required to correspond to
a header field address such as the contents of Sender or List-Id,
etc.
o Practice: a statement according to the [RFC2822].From domain
holder of externally verifiable behavior in the email messages it
sends.
o Expectation: an expectation combines with a practice to convey
what the domain holder considers the likely survivability of the
practice for a receiver, in particular receivers that may be more
than one SMTP hop away.
o DKIM Signing Complete: a practice where the domain holder asserts
that all legitimate mail will be sent with a valid first party
signature.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html