through a separate, value-added mechanism. My own preference would be for
using
a special header-field that contains the cert, with the specification of
using
such certs as saying that they are enabled when included in the set of h=
covered header fields.
I don't see how this is functionally different from VBR. In both cases
the signer assserts that the message is certified by foo. If the
recipient finds foo to be credible, it checks to see if foo really did
certify the signer, by a DNS lookup for VBR, or I suppose by checking the
offered cert to see if the signature is valid, and if the contents include
the signer's domain and an expiration date in the future.
It occurs to me that since mail certification is likely to make assertions
about behavior as well as identity, the SSL model in which certs last for
a year won't work, since behavior can change rapidly. Either the
certifier has to issue a stream of short-term certs to everyone it
certifies, or the verifiers have to check CRLs, which is tedious. By the
time you do all that, a DNS check, even one with DNSSEC, looks pretty
attractive.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html