On August 15, 2005 at 15:49, "Arvel Hathcock" wrote:

> > DKIM either needs stronger binding semantics, or
> > it needs to limit when signing can be done.
>
> I think DKIM deals with this correctly right now. Binding to the
> RFC2822.From header is not required BUT when it's missing an SSP check is
> performed to discover and enforce the wishes of the domain owner.

IIRC, an SSP check is done against the "Originator Address". This is either the rfc2822.from or rfc2822.sender. It is not against the signer's domain.

Past discussions about SSP checks have led to the possibility of an SSP check always being done, even when a signature is cryptographically valid. I do not think any solid conclusion has been made on this (yet).

BTW, you left out a key statement when quoting me that qualifies my statement. Mr. Otis mentioned "the permitting the submission of the message." However, a DKIM signature can be generated by someone else besides the originating domain, depending on OA SSP policies. Therefore, the signer may not be the domain that initially accepted the message into the mail transport system. This type of signature claims a different type of responsibility than, "the permitting the submission of the message."

Also see comments (separate posts) about just wanting to sign transmission headers, if this is something DKIM is to be used for. DKIM currently does not support this well since all signatures are bound to the OA.

Therefore, the scope of who and when DKIM signatures are created either needs to be limited, or richer binding semantics must be provided to support some of the usage scenarios that have been mentioned.

--ewh

_______________________________________________
ietf-dkim mailing list
<http://dkim.org>
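
Added example, not part of the original post or of any DKIM implementation: a sketch of the binding question discussed above, comparing each signature's d= domain with the Originator Address domain and reporting which domain an SSP lookup would be made against. The message is constructed, and the choice between Sender and From as the OA (the prefer_sender flag) is an assumption, since the post only says it is one or the other.

```python
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lower-cased domain of the first address in a header value ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def signature_tags(value):
    """Split a DKIM-Signature value into a tag -> value dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def classify(raw_message, prefer_sender=True):
    """Relate each signature's signing domain to the Originator Address (OA).

    Assumption: the OA is Sender when present and preferred, otherwise From.
    The SSP lookup domain is always the OA domain, never the signer's domain.
    """
    msg = message_from_string(raw_message)
    sender, from_ = msg.get("Sender"), msg.get("From")
    oa_domain = domain_of(sender if (prefer_sender and sender) else from_)
    signatures = msg.get_all("DKIM-Signature", [])
    if not signatures:
        return [{"signer": None, "relation": "unsigned", "ssp_domain": oa_domain}]
    results = []
    for sig in signatures:
        signer = signature_tags(sig).get("d", "").lower()
        # Exact match only; subdomain relationships are not considered here.
        relation = "first-party" if signer == oa_domain else "third-party"
        results.append({"signer": signer, "relation": relation,
                        "ssp_domain": oa_domain})
    return results

# Constructed message: a list server signs mail written by alice@example.com.
SAMPLE = (
    "DKIM-Signature: v=1; d=lists.example.net; s=sel1;\n"
    " h=from:sender:subject; b=PLACEHOLDER\n"
    "From: Alice <alice@example.com>\n"
    "Sender: owner@lists.example.net\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    print(classify(SAMPLE))                       # OA taken from Sender
    print(classify(SAMPLE, prefer_sender=False))  # OA taken from From
```

The same valid signature is bound to the OA in one reading and is a third-party signature in the other, which is the case where the OA domain's policy, not the signer's, decides how the message is treated.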
