ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Output summary - proposing ODID "Originating Domain Identity"

2011-05-04 15:51:20
Murray S. Kucherawy wrote:

I agree that it's an implementation issue. All of this is. But choosing
a single "output" formally makes that a no-no for the assessor, which
is a silly outcome. And it's but one silly outcome. What of the h= values?
How does an assessor know which ones were signed? That's a layering
violation according to -bis. Silly.

There's no proscription against providing those details if the 
verifier wants to export them.  The document is saying there 
is "one" required output, not "only one" output; it's a minimum.  
And I think it's pretty clear about that.

But its not clear on the other outputs appropriate for the receiver to 
consider.

You can have a table:

    status  REQUIRED
    SDID    REQUIRED, MANDATORY for Trust Identity Assessor (see 2.7)
    AUID    OPTIONAL, see 3.11
    ODID    OPTIONAL for Checking Signing Process (see RFC5585)

I think what 3.9 should state these minimal DKIM related output 
purpose is to get a Security and/or Trust Evaluation.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>