On 9/16/10 10:24 AM, Murray S. Kucherawy wrote:
On Thursday, September 16, 2010 8:32 AM, Jeff Macdonald wrote: I
don't think there is a consensus on what a 3rd party signature is.
Oh, I disagree. As someone (Ian?) pointed out, there's some
long-established common use about what the term "third-party" means,
and I don't think we need to establish rough consensus on something
like that.
For a message (not even specifically email) from A to B via C, A is
the first party, B is the second party, C is the third party.
The first several definitions I found via a simple Google search
concurred.
This seems to be the correct answer, but there are a few issues that
will cause some difficulties using this simplified terminology when
describing parties and their related reputations/accountability/authority.
With ADSP, any signing domain that is NOT exactly the same as the
email-address domain would be a third-party from the perspective of
ADSP. It could be both domains a.tld and a.a.tld are administered under
the same authority. So when a.tld sends a message signed by a.a.tld to
b.a.tld, then-
a.tld -> author-domain
a.a.tld -> signing-domain (first party but not a valid Author Domain
Signature)
b.a.tld -> second party recipient
Hector had a good idea that could expand ADSP compliance when using
different signing domains to identify different mail streams.
His asl tag could be used to enable the treatment of subdomain
signatures as being equal to that of an author domain, but as a
different mail stream.
It seems most would have difficulty understanding that a.a.tld will not
provide a valid Author Domain signature able to satisfy ADSP compliance
for a.tld.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html