----- Original Message ----- From: "Scott Kitterman" <[EMAIL PROTECTED]>
> On Wed, 16 Aug 2006 16:36:29 -0700 Jim Fenton <[EMAIL PROTECTED]> wrote: >> The one I described: the inability for a verifier to distinguish >> an author signature generated by the delegate from a third-party >> signature generated by the delegate operating in a different context. > I think this is a good point for an informative note in the spec. > This is both an operational point for providers and a item > for domain owners to check on before they delegate SSP signing > authority. If one is aware of it up front, I think it's an > easy problem to avoid. +1, Thank you. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
