On Sep 21, 2006, at 12:26 PM, Tim Draegen wrote:
My main points wrt this effort:
a. Signers MUST publish a SSP record. Its easier for me to say
"you must publish this record, please do it" if the stone-tablet
in IETF-land says so.
b. Verifiers should be allowed to function without any need to
query an SSP record. In my case, my 3rd-party reputation agents
will be doing the tracking of SSP records. For whatever reason,
I'll have customers that want to do it themselves, and I'll expose
that functionality.
In sum, I think the SSP-req doc should say "SSP must be published
by DKIM signers, and the format is <this>". I guess some sample
scenarios on the verification half can be described, but I think
that just adds confusion, and would be mostly wrong anyway.
If I understand you correctly you're suggesting that publishing
SSP records be mandated by dkim-base?
If so, -1.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
