On Wed, 9 Jan 2008, SM wrote: > From a standards point of view, we don't dictate policy decisions. The > verifier determines whether the signature is valid, then passes the > result to a policy agent. > > Although we can do the two together operationally, they don't have to be > in the same process. We might have a centralized policy agent which > processes the results from the verifiers and applies the site policy.
Sure, but I see those, namely verification and then application of policy, as part of an overall receipt process even if they're not done by precisely the same piece of software. You're right that they don't have to be the same but they're simultaneously so closely intertwined that it can be difficult to see them separately. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
