-----Original Message-----
From: dkim issue tracker
[mailto:trac+dkim(_at_)zinfandel(_dot_)tools(_dot_)ietf(_dot_)org]
Sent: Wednesday, April 13, 2011 6:55 AM
To: Murray S. Kucherawy; barryleiba(_at_)computer(_dot_)org
Cc: dkim(_at_)ietf(_dot_)org
Subject: Re: [dkim] #1: Suggestion to change text in section 2.3
#1: Suggestion to change text in section 2.3
[...]
Consensus so far (pulling in pre-WGLC comments on the same topic) is to keep
the text as-is, and so far I concur with that position. I don't believe any of
the proposed changes so far do anything to clarify or correct anything in here.
There's been concern expressed that the list of examples in 2.3 specifically
exclude some possible models of DKIM use, but I disagree. A "person, role or
organization" certainly can include an author or author's domain, a third-party
signer, an MLM, a certifying service, a policy evaluator, an arbitrary
intermediary, or any entity at all. I haven't seen or invented an example yet
that this doesn't cover, so I disagree that it's exclusive in some way.
Architecturally speaking, I believe the trust assessment layer is everything
after the DKIM crypto piece says "yes" or "no", and that includes policy (ADSP,
ATPS, TPA, whatever), reputation, and everything else that is done post-DKIM
during delivery or routing (local signature parameter constraints, for
example). It is certainly important, but is also external.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html