----- Original Message -----
From: "Michael Thomas" <mike(_at_)mtcc(_dot_)com>
Likewise, there are a lot of things that innocently mangle messages
in transit. This is a tradeoff. Things that really, really want
assurance that their message is not tampered with should use
simple.

Wouldn't systems that want strong assurances use non-relayed DKIM
policies "o=-" (minus)?

I don't think the issue is nowsp or simple or whatever method is used, but
rather how easily it can be broken, and what concerns me (as a vendor) is how
we are to implement, support, document or present this to customers. I
certainly do not want to pass the buck to our own support staff.

I think what is missing from the o= Outbound signing policy is maybe a
policy that says how to handle broken verifications. o=- only addresses
non-signed mail.

Just for the sake of example, let's use o=$ (high value email).

This would be defined as (only a suggestion):

o=$ (High Value Email)
All mail from the entity is signed; unsigned email
MUST NOT be accepted, but email signed by a
third party SHOULD be accepted. All mail that fails
verification due to some broken DKIM entity SHOULD be
reported to company (r=) [before accepting].

This provides some clues for operational flow for vendors and operators.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com