ietf-mailsig
[Top] [All Lists]

Re: one more time: agreeing on the basic goal of MASS

2004-11-22 22:15:51

Jim Fenton wrote:

Dave Crocker wrote:

 On Mon, 22 Nov 2004 14:33:17 -0700, Robert Barclay wrote:

> say that my goal for this service is to provide a mechanism for the
> domain of a message author to provide an assertion that they
> authorized the sending of a specific message.


 this sounds good to me. would others care to comment?


I like it.


 it occurs to me that the precise meaning of your statement might
 actually go farther than we want, since it implies per-message
 assessment by the domain owner.


I don't see anything abut assessment there. I am authorized to send mail from this address. That doesn't imply that my domain assessed the message at all. Perhaps it's the wording "of a specific message" that concerns you; the meaning is that the assertion is manifested in a specific message, not that the domain authorizes each message individually.


Thanks. That is exactly what I meant.



 perhaps a bit of tuning?

 something like "the domain of the message author has authorized the
 message author to send messages under the domain"?

 it doesn't flow trippingly off the digits, but it's probably closer
 to reality.

You're right, it doesn't flow as well. Also, if I read it carefully, it tends to sound like the authorization is necessarily for any address under the domain. Granularity to individual addresses is important too.

-Jim

Even in the case of per user keys it is presumably the domain providing those keys and thus the authorization though. Right?







<Prev in Thread] Current Thread [Next in Thread>