On Aug 29, 2006, at 11:28 AM, Damon wrote:
On 8/29/06, Hallam-Baker, Phillip <[EMAIL PROTECTED]> wrote:
The requirement that I believe that the delegation discussion
highlights is the need for controlled delegation.
I.E I delegate to Fred the ability to sign on behalf of
[EMAIL PROTECTED] but not [EMAIL PROTECTED]
+1
Are we going to specifically disallow fred the ability to sign for
[EMAIL PROTECTED] by policy or say that fred can only sign for
[EMAIL PROTECTED]
Such granularity will be difficult to administer and resolve.
Message annotation can help resolve this issue by allowing for a
"direct" affirmation versus "indirect".
When the "indirect" annotation is used, the identity of the signing
party should become visible in some manner to be part of the trust
relationship.
It is even possible there is greater trust in the signing party than
there is in the email-address. : )
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
