On Sat, 2006-04-29 at 08:38 +0200, Eliot Lear wrote: > This seems to me to be a poor man's version of SSP, and I would think > that we would consider it in such a context. But even if we were to > consider this now, wouldn't different selectors cover this ground?
It is unknown whether an SSP record can be discovered when investigating email-addresses found within the message. The DKIM signature is not required to have any relationship with an email-address however, which is good. The possible independence of the email-address also means that when the email-address's SSP allows third-party signing, SSP could be worthless at establishing _any_ level of trust, even when the signer is well-know and trusted and willing to vouch for the source. The r= parameter would allow the signing-domain far greater clout. After all, the signing- domain is where the trust _must_ be derived. For many email-addresses, SSP will offer _nothing_ in regard to trust. There is real value in r=. A selector tagging convention could be established, but it would not offer as much flexibility as would the r= parameter. A key selector can not offer a range, where a common key could be used for different levels of vetted sources when signed at the MTA, for example. A key selector also does not have any relative merit, which would need to be established by convention. A simple sequence of numbers already imparts this relationship. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
