spf-discuss
[Top] [All Lists]

RE: S/MIME Gateway Profile / Yahoo DomainKeys

2004-05-06 09:06:23
On Thu, 2004-05-06 at 09:15, Hallam-Baker, Phillip wrote:
3) MUAs should support S/MIME signature
      But failure of a signature should not disrupt the user interface
              unless it is known that all mail from that domain is signed.

Did you perhaps mean here to say:

"But /absence/ of a signature should not disrupt the user interface,
unless..."

If all MUAs support S/MIME signature, and a signature is present,
failure of the signature to validate should definitely raise a flag.  If
the signature is completely missing and the domain has made the
assertion that it always signs messages, that should definitely also
raise a flag.

I'm not sure I understand why you suggest that the failure of a
signature to validate would only alert the user if the domain has made
the assertion that it signs all messages...

-- 
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/spf-draft-200404.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part