ietf-mailsig

Re: QUERY: Relationship to other IETF work

2005-07-25 23:12:31


----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>


Question:

Should the MASS group consider the relationship of DKIM
to other IETF work, completed or ongoing?
   Yes / No

Yes.

Should the MASS group consider the relationship of DKIM
to other standards bodies such as the W3C?
   Yes / No

Not sure. Depends.

In regards to DKIM implementation:

I see the following:

1) Alternative DKIM Policy Query Lookup Methods.  DNS should be default, but
the model should be defined for other methods as well.  The OPES WG is
defining SMTP uses.

2) New x822 and/or x821 related issues.

Example #1:  2822 does required a "To:" header.  What happens when a signing
server has defined "To:" as part of its header signing policy?

Example #2:  Most servers do not require any headers at all.  What happens
when a signing server has defined headers that are missing?

3) Mixed Policies issues.

3.1) DKIM integrated with new SMTP compliant checking
3.2) DKIM integrated with SPF
3.3) DKIM integrated with SENDERID/PRA

Some examples:

Incoming Email is 100% perfect DKIM validated, but:

- What if the HELO client domain is spoofed? or the address-literal does not
match the IP address?

- What if the Return-Path is not valid (no MX or bad address)?

- What if the SPF/SENDERID result is a FAIL or NEUTRAL/SOFTFAIL?

What is the DKIM suggested policy with these mixed result policies?  Is it
noted in the AR header?

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com


