Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax it.

John R. Levine Thu, 16 Sep 2010 05:54:37 -0700

Since there's no such thing as a "3rd party signing policy" in DKIM or ADSP, I don't understand why we're even discussing this.


R's,
John



On Thu, 16 Sep 2010, MH Michael Hammer (5304) wrote:

-----Original Message-----
From: [email protected] [mailto:ietf-dkim-
[email protected]] On Behalf Of Scott Kitterman
Sent: Thursday, September 16, 2010 12:57 AM
To: [email protected]
Subject: Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax

it.

Since anyone can generate a DKIM signature with a signing domain they
control, an unconstrained 3rd party signing policy means precisely
nothing. Without some kind of constraint (1st party only or a defined

set

of third party signers) arbitrary senders could meet the policy
requirements.

- 1.

Scott K


Make that a -2 for all the reasons Scott indicated.

Mike

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html


Regards,
John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
Please consider the environment before sending e-mail.

smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax it.

Reply via email to