> This is useful, but seems to ignore the discussion that has been surrounding > the fact the signature does not provide assurance about the source
yeah. maybe i should have tried for different language, but folks seem more comfortable with that term and i wanted to see whether we could get basic agreement on any sort of summary description. > - rather > it provides assurance that a specified signing party is vouching for the > message. The signing party may be associated with the source, or they may > not be. Accepting the message on the basis of the signature implies > accepting the relationship between the signing agent and the message > originator. I like your last sentence, although the signer does not have to necessarily be associated with the originator, since the message can be signed anywhere along the path. d/ --- Dave Crocker Brandenburg InternetWorking +1.408.246.8253 dcrocker a t ... WE'VE MOVED to: www.bbiw.net _______________________________________________ ietf-dkim mailing list <http://dkim.org>
