I am also interested in working on SSP. I have spent quite a bit of time
looking at how to use SSP to help manage protocol transitions.
I also helped write a similar set of specs for the Web Services world.
-----Original Message-----
From: owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Arvel
Hathcock
Sent: Monday, August 29, 2005 2:26 PM
To: ietf-mailsig
Subject: Re: [ietf-dkim] Purpose and sequence forDKIM
specification and deployment
Perhaps divide and conquor is the best approach. I'll volunteer to
work
on the SSP group with others who think that's important.
One group can
work out what threats DKIM-base deals with and the others what the
addition of DKIM-SSP can deal with. Then we can merge them.
I volunteer to work on DKIM-SSP also. It is critically
important if the
prevention of unauthorized domain use in message headers is
the issue. I've
posted up a couple of times already the specific problems SSP
deals with.
We could offer those as input into the threat analysis.
--
Arvel