Douglas Otis wrote:
> On Mar 9, 2009, at 8:35 AM, Suresh Ramasubramanian wrote:
>
>> If your sole goal in ADSP is "declare that domain x signs all mail"
>> then there could be a far simpler and more cut down version of ADSP
>> that'd fit the bill.
>
> Agreed. It should not force double signing, for example.
>
>> To wit - the "locked ADSP record" part. And if that's all that is
>> required .. why then, I dont see why that part of it cant be
>> shoehorned into the base 4871 spec somehow - perhaps in -bis as a
>> newly defined tag.
>
>
> This terminology is from a different draft where "all" was changed to
> "CLOSED" and "discardable" to "LOCKED". The DKIM public key is not
> directly referenced from the email-address domain, it needs a selector
> to be discovered. This policy is to be applied when no signature is
> found. There does not seem to be any practical advantage attempting
> to overload the DKIM public key record, nor would a signature tag be
> that much help.
Lets keep this simple.
From the beginning, there were certain policies that were considered
that I can best summaries with these dialog box:
-- SSP --
DOMAIN: __________
(_) NEVER SIGNED
(_) ALWAYS SIGNED
(_) ME ONLY
(_) 3RD PARTY LIST [ EDIT LIST ...]
(_) SOMETIMES SIGNED
(_) ME ONLY
(_) 3RD PARTY LIST [ EDIT LIST ...]
[ SAVE SSP RECORD ] [ REMOVE SSP RECORD ]
That was deemed too complex, at least the 3rd party portions of it.
So now we have (I think)
-- ADSP --
DOMAIN: __________
(_) ALWAYS SIGNED
[_] ME ONLY
(_) SOMETIMES SIGNED
[_] ME ONLY
[ SAVE ADSP RECORD ] [ REMOVE ADSP RECORD ]
Any further reduction is not going to help target the market of
domains that at seeking exclusive DKIM signature usage.
--
Sincerely
Hector Santos
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
