On Fri, 15 Feb 2008 19:27:29 -0000, Douglas Otis <[EMAIL PROTECTED]> wrote:
> On Feb 15, 2008, at 4:50 AM, Charles Lindsey wrote:
>
>> On Thu, 14 Feb 2008 19:08:41 -0000, Douglas Otis <[EMAIL PROTECTED]>
>> wrote:
>>> s= Policy Scope (plain-text; OPTIONAL; default is "SMTP"). A colon-
>>>
>> No! The default must be '*'.
>
> The concern regarding defaults was addressed in Take #3. This version
> includes a means to exclude policy.

And indeed Take #3 starts:

   s= Policy Scope (plain-text; OPTIONAL; default is "*").

so it seems my point is accepted.

>
> * matches against all unlisted transport protocols
> ! disavows protocol use
> - excludes protocol from policy assertions
>
> I suspect the default should be "s=SMTP" where this would be the same as
> "s=SMTP:-*". When the domain exchanges no communication whatsoever,
> "s=!*" could be used. When only SMTP messages are used, then
> "s=SMTP:!*" would make this assertion.

But now you are contradicting yourself. First you say 'default is "*"'; now you are saying 'I suspect the default should be "s=SMTP"'. Which is it?

>
>> But you have to make it clear that verifiers can only discern the
>> protocol used by the originating site by careful examination of
>> Received headers (and believable ones at that). So I am still very
>> dubious about adding this feature.
>
>
> Trace headers can not be included within DKIM signatures.

Then in that case the whole idea of a protocol parameter in SSP falls flat on its face. Because there is no other method, apart from Received headers, for telling what was the original protocol used in sending the message, and we all know how easy Received headers are to spoof.

So we are back to what Hector is saying. SSP MUST be applicable to any message in RFC 2822 format, or any format similar to that (which clearly includes News). Because other formats are regularly gated _into_ SMTP (often with the removal of headers such as Newsgroups and Path which might have indicated their origin).

So sites that publish strict/discardable/whatever policies will just have to be careful.

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131   Web: http://www.cs.man.ac.uk/~chl
Email:[EMAIL PROTECTED]: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9   Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
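
The `s=` scope tokens quoted in the message above, evaluated in Python as an added example that is not part of the message or of the draft it discusses; it compares the two defaults under dispute (`*` and `SMTP`) for a message that originated as News. Assumptions: tokens are separated by `:`, protocol names are case-insensitive, an explicit name takes precedence over `*`, a protocol matched by nothing is excluded (taken from the quoted equivalence of `s=SMTP` and `s=SMTP:-*`), and `NNTP` is a constructed protocol name.

```python
# Added illustration: evaluates the "s=" scope tokens quoted in this message.
# Assumptions (not from the draft text shown here): tokens are separated by
# ":", protocol names are case-insensitive, an explicit name beats the "*"
# wildcard, and a protocol matched by nothing is excluded.

ASSERTED, DISAVOWED, EXCLUDED = "asserted", "disavowed", "excluded"
_PREFIX = {"!": DISAVOWED, "-": EXCLUDED}


def parse_scope(value):
    """Return (explicit, wildcard): per-protocol states and the '*' state."""
    explicit, wildcard = {}, None
    for token in value.split(":"):
        token = token.strip()
        if not token:
            raise ValueError("empty scope token in %r" % value)
        state = _PREFIX.get(token[0], ASSERTED)
        name = token[1:] if token[0] in _PREFIX else token
        if not name:
            raise ValueError("prefix without protocol in %r" % value)
        if name == "*":
            wildcard = state
        else:
            explicit[name.upper()] = state
    return explicit, wildcard


def scope_state(value, protocol):
    """State of `protocol` under scope `value`."""
    explicit, wildcard = parse_scope(value)
    if protocol.upper() in explicit:
        return explicit[protocol.upper()]
    return wildcard if wildcard is not None else EXCLUDED


if __name__ == "__main__":
    # Constructed comparison: the two defaults discussed, plus the examples
    # quoted in the message, applied to SMTP and to a News-originated message.
    for scope in ("*", "SMTP", "SMTP:-*", "SMTP:!*", "!*"):
        print("s=%-8s SMTP=%-9s NNTP=%s" % (
            scope, scope_state(scope, "SMTP"), scope_state(scope, "NNTP")))
```

The `protocol` argument is supplied by the caller; the function does not determine which transport a message actually used, which is the point the reply raises about Received headers.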
