[mailto:owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of John
Levine
Down the road when reputation systems are more mature it may
be useful to put assertion tags into signatures, e.g. "this
is transactional mail" or "this is unconfirmed opt-in bulk
mail" a la TEOS. It looks to me that both of the major
candidates (DK and IIM) have room for more fields in the
signature data so we have that option.
From a practical point of view I would add that level of information into
the key binding rather than the signature but we can argue that down the
road. Companies would have separate keys for transactional mail (I would
expect).
The aim of MASS should be to simply design a cryptographic signature
envelope format that is strictly backwards compatible with legacy
infrastructure in a transparent fashion. Higher level requirements arguments
such as 'we are going to solve problem x' are bunk.
None of us need to agree on the problems we are going to solve in order to
agree on a piece of technology to be used to solve it.