Scott Kitterman wrote:
> As we think through the definition of minimum, I think it important that we
> consider the class of domains that are not supported by one or more dedicated
> mail servers. ...
> Is the concept of operations that these servers should sign using the
> provider's key (so all signatures for the domain are 3rd party) or that the
> provider should manage multiple keys to support per domain keys and sign the
> messages first party for the domain?

Why should it matter whether the host is shared, or not?

The question of whether to have the provider be the signer or whether to have a content agent (rfc2822.From or rfc2822.Sender) strikes me as important generally, not just when the provider has more than one user domain sending from the provider's platform.

The essential question is whose reputation (accreditation, certification, etc.) is to be used.

It might well be that there should be a signature by EACH of the relevant domains, in order to call on reputation information both for the author as well as for the originating provider.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
