On Sep 26, 2006, at 11:26 AM, Arvel Hathcock wrote:
10. The Protocol MUST NOT be required to be invoked if a valid
first party signature is found.
Hector, doesn’t it say exactly what you want it to say? It says
that the protocol must not require invocation when valid first
party signatures are found. It doesn't say "THOU SHALT NOT INVOKE
THE PROTOCOL". I see nothing that needs to be changed.
There might be policies associated with the local-part of the
referencing email-address domain. Depending upon how this policy is
being used, it may be required by some protocol to obtain this policy
record. Assume this would only happen when the email-address domain
is considered trustworthy, and that there might be conditional
constraints that might be applied, such as those that may pertain to
the local-part.
Not everyone within any domain should be assumed trustworthy. When
attempting to define a protocol for indicating an additional level of
trust, there might be a need to further constrain the assertion.
That additional constraint would be required even when the signing
domain matches the email-address domain.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
