John,
we can discuss it for the very reason you pointed out, people want to use/sell
3rd party signing, so lets discuss a policy and write it up. I know my company
wants one and I suspect a few others might as well. I know that some folks
fought very hard to keep it out originally but as I pointed out then, its time
will come
On Sep 16, 2010, at 8:50 AM, John R. Levine wrote:
Since there's no such thing as a "3rd party signing policy" in DKIM or
ADSP, I don't understand why we're even discussing this.
R's,
John
On Thu, 16 Sep 2010, MH Michael Hammer (5304) wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Scott Kitterman
Sent: Thursday, September 16, 2010 12:57 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax
it.
Since anyone can generate a DKIM signature with a signing domain they
control, an unconstrained 3rd party signing policy means precisely
nothing. Without some kind of constraint (1st party only or a defined
set
of third party signers) arbitrary senders could meet the policy
requirements.
- 1.
Scott K
Make that a -2 for all the reasons Scott indicated.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
Please consider the environment before sending
e-mail.<smime.p7s><ATT00001..txt>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html