On 01/19/2006 15:50, Michael Thomas wrote: > Earl Hood wrote: > > On January 19, 2006 at 03:10, "Hector Santos" wrote: > >>Sender-Signing Policy (SSP): > >> > >> NONE (no policy) > >> o=? WEAK (signature optional, no third party) > >> o=~ NEUTRAL (signature optional, 3rd party allowed) > >> o=- STRONG (signature required, 3rd party allowed) > >> o=! EXCLUSIVE (signature required, no 3rd party) > >> o=. NEVER (no mail expected) > >> o=^ USER > > > > ... > > > > Wouldn't be easier of the signer can assert a role so such checks > > are not necessary by a list server? > > No. SSP is not for signed mail, it's for unsigned mail. > If it's a third party signature you still need to check SSP for EXCLUSIVE policy.
> > If the list server makes no > > assertion against an (RFC-2822) originating address, it should be > > able to sign all messages it distributes. > > Correct. Nothing needed to provide this, though the i= isn't explictly > saying what "role" (binding) it's providing (if any). > > > This would avoid list servers having to do SSP checks on each message > > and avoid the problems of bad implementations getting the logic wrong > > on when to sign and not to sign. > > Receivers in general only need to do SSP if the message is unsigned. > List servers are no different. ditto. Scott K _______________________________________________ ietf-dkim mailing list http://dkim.org
