I can't comprehend the relevance of your words since we're not dealing on the level of "local-part" in this WG - only on the level of "domain". Isn't this true?
-- Arvel -----Original Message----- From: Douglas Otis [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 26, 2006 1:51 PM To: Arvel Hathcock Cc: '[email protected]' Subject: Re: [ietf-dkim] New issue: Requirement #10 - Invoking SSP - Suggestion to Remove this. On Sep 26, 2006, at 11:26 AM, Arvel Hathcock wrote: >> 10. The Protocol MUST NOT be required to be invoked if a valid >> first party signature is found. > > Hector, doesn’t it say exactly what you want it to say? It says > that the protocol must not require invocation when valid first > party signatures are found. It doesn't say "THOU SHALT NOT INVOKE > THE PROTOCOL". I see nothing that needs to be changed. There might be policies associated with the local-part of the referencing email-address domain. Depending upon how this policy is being used, it may be required by some protocol to obtain this policy record. Assume this would only happen when the email-address domain is considered trustworthy, and that there might be conditional constraints that might be applied, such as those that may pertain to the local-part. Not everyone within any domain should be assumed trustworthy. When attempting to define a protocol for indicating an additional level of trust, there might be a need to further constrain the assertion. That additional constraint would be required even when the signing domain matches the email-address domain. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
