Our "extant" product supports AUTH-RES for DKIM and ADSP. Without a
thorough review again and confirmation, I feel, unfortunately, probably
not 100% according your specification. At the time it was implemented,
over a few years ago, I had found it inadequate to cover all bases. I do
recall it was mentioned. I think this may be ADSP only. When no MFA
(Mail Filter Agent) standards, and AFAIK, no one is filtering on this
stuff, I didn't think it passed all the information necessary for a
future MFA.
Example, a record for triple signatures via a list submission.
Authentication-Results: dkim.winserver.com;
dkim=pass header.d=ietf.org header.s=ietf1 header.i=ietf.org;
adsp=fail policy=unknown author.d=resistor.net signer.d=ietf.org
(unauthorized signer);
dkim=fail (DKIM_BODY_HASH_MISMATCH) header.d=opendkim.org
header.s=mail2010 header.i=opendkim.org;
adsp=fail policy=unknown author.d=resistor.net signer.d=opendkim.org
(unauthorized signer);
dkim=fail (DKIM_SIGNATURE_BAD_BUT_TESTING) header.d=resistor.net
header.s=mail header.i=@resistor.net;
adsp=pass policy=unknown author.d=resistor.net signer.d=resistor.net
(originating signer);
On 3/22/2013 12:54 PM, Murray S. Kucherawy wrote:
Colleagues,
(with apologies for the cross-posting if you get more than one copy of this)
As you may have seen already, I'm working on a revision to RFC5451.
A Proposed Standard "bis" effort always benefits from describing extant
implementations. I know about the ones I've written, and about some
very public uses of it (Gmail, Yahoo, for example). If there's anyone
in this audience that knows of others, I'd love to hear about it.
Reviews of the update are also welcome:
https://datatracker.ietf.org/doc/draft-kucherawy-rfc5451bis/
Thanks,
-MSK
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html