Scott Kitterman wrote: > For the munger/non-munger approach, how would then domain > owner know if it's users sent to mungers or not? I don't > see how that's possible.
When I read this article I thought it's something like this: "All my mails are normally signed by me. But I participate in mailing lists, for mails from known lists my signature can be broken (invalid / removed / whatever)." It's then up to the receiver to define "known lists" somehow. A relaxed "I sign all", stronger than "sometimes", because reasons for a broken / missing signature should be "obvious" for receivers. We've to ask Wayne if that's what he had in mind. > For I know I don't sign, is there a special action a receiver > can take if they get a message with a signature They can reject it as not plausible without checking. Either an error on the site of the sender, or an emergency, one of the odd cases discussed in the "threats" RFC. > (maybe claranet started signing and you missed the message)? I'd hope they publish an SSP in that case, it's quite possible that I missed this... :-) > If not, do we need to include it? So far I'd like this better than a "null" policy meaning only "you found it, and it's empty". Admittedly this smells a bit like "URI squatting" / "opt-out". Frank _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
