On Sat, 2005-01-15 at 15:41 +0000, John Levine wrote:
If you want to reject mail with broken or missing signatures,
nothing's going to keep you from doing so. I will be surprised if you
can do so any time soon without rejecting more real mail than you're
willing to lose, but it's up to you.
That depends on how we define the signature scheme though.
We should agree upon a scheme which _doesn't_ cause lots of broken or
missing signatures. Surely that's why we've decided to avoid trying to
protect the From: address for the entire lifetime of the mail, and
instead we're only looking at covering one transition through the mail
system?
If what you say is true by the time MASS is complete, then we have
screwed up by defining a signature scheme which is no more useful in
practice than SPF was. So we might as well go home now.
--
dwmw2