Dave Crocker wrote: > > > Michael Thomas wrote: >> Dave Crocker wrote: >> >>> 3. Scope and scale of query traffic >>> >>> SSP originally was constrained to apply only to unsigned mail. The >>> current specification applies to unsigned messages *and* signed >>> messages >>> where the DKIM i= domain name does not match the rfc2822.From >>> <addr-spec> >>> domain. This is a considerable change in the nature -- and >>> potentially >>> a considerable change in the amount of query traffic -- that SSP >>> causes. >> >> This has not changed in years. Maybe you've just become aware of it. And >> the problem here remains with unsigned traffic. Third party >> signatures are >> very rare beasts. > > The requirement to have i= match From domain was added between the -02 > and -03 versions, sometime during Fall 06 and Winter 07. > > On reviewing the working group archive, I have not succeeded in > finding any discussion either of changing the SSP paradigm to apply to > signed message or of the problematic selection of the rfc2822.From > field, rather than rfc2822.Sender field domain. > > I recall making a point a number of times in the working group, > verifying that the group agreed that SSP applied (only) to unsigned > messages.
>From draft-allman-dkim-ssp-00.txt, dated July 9, 2005, section 1 paragraph 3: In the absence of a valid DKIM signature on behalf of the "From" address [RFC2822], the verifier of a message MUST determine whether messages from a particular sender are expected to be signed, and what signatures are acceptable. -Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
