Dave Crocker wrote: > > >>> strict All mail from the domain is signed; messages lacking a >>> valid Originator Signature MUST be considered Suspicious. The >>> domain does not expect to send messages through agents that >>> may >>> modify and re-sign messages. >> >> This value appears to conflate three separate issues: >> >> 1. All mail with this domain in the From field will be signed by >> that domain. >> >> 2. No mail with this domain in the From field will be sent via >> mailing >> lists or other Mediators (re-posting services.)
Strict does conflate these two. RFC5016 refers to "practices" (whether or not the domain is "DKIM Signing Complete", i.e., signs all its mail) and "expectations" (whether a verifiable author signature should be expected). This leads to four combinations, one of which doesn't make sense (Signing Incomplete but expect a signature anyway). The other three are Unknown, All, and Strict. >> >> 3. The owner of this domain considers non-delivery (including due to >> broken signature) preferable over delivery of messages with this >> domain in the >> From field, but lacking a valid signature with this domain in the i= >> parameter. This is entirely separate from Strict; it's the handling flag, either Process or Deny. There has been some discussion as to whether Deny makes sense with anything other than Strict (and whether Strict makes sense with any handling other than Deny), but the draft is written with the process flag independent. >> >> At a minimum, the document should have text that considers the range >> of mail >> practices, such that this particular configuration of behaviors and >> needs is >> only one of the set. That way, there is a serious context for >> assessing the >> choice to have this particular, single flag, as representing a >> particular >> multi-attribute set. Would this be the discussion requested in issue #1527? >> >> In terms of terminology choice, a more semantically useful label >> might be >> something like "integrated". Many scenarios could be "strict", so >> that the >> choice, here, does not convey much specific meaning. I suggest >> "integrated" >> because I believe the flag applies to scenarios in which all aspects >> of the >> sender's email content and operations are tightly integrated. I'd be interested in your opinion given that the label is not, in fact, "integrated". -Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
