On 6/20/2014 1:40 PM, John R Levine wrote:
> It feels like some people (not you I hope) are assuming that if a
> message has a valid signature, it's good and you deliver it, which is of
> course wrong.
Since I haven't seen anyone suggest this, during this or frankly any
other, discussion, nor have I seen any text that even hinted at that
attitude, I've no idea what you are referring to.
> If the signature is valid *and* the signer has a good
> reputation, then a delivery agent might do something nice to the
> message. If it sees a lot of cruddy mail with my signature,
The issue is not your 'signature' but your d= domain name. That's where
the reputation assessment is supposed to lie.
It's one of the problems with language that loosely refers to what DKIM
does as 'signing' the message. It's not really doing that.
Since your Subject text nicely invokes the question of real DKIM
semantics, let's be explicit:
DKIM is "affixing" the d= name to the message. The 'signature' is
the glue.
If we think and talk in those terms, then the question of how strong the
glue needs to be needs to be made in the context of real or likely
efforts at pulling the name off of a legitimate message and affixing it
to an illegitimate one.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
