John, we can discuss it for the very reason you pointed out, people want to use/sell 3rd party signing, so lets discuss a policy and write it up. I know my company wants one and I suspect a few others might as well. I know that some folks fought very hard to keep it out originally but as I pointed out then, its time will come On Sep 16, 2010, at 8:50 AM, John R. Levine wrote:
> Since there's no such thing as a "3rd party signing policy" in DKIM or > ADSP, I don't understand why we're even discussing this. > > R's, > John > > > On Thu, 16 Sep 2010, MH Michael Hammer (5304) wrote: > >> >> >>> -----Original Message----- >>> From: [email protected] [mailto:ietf-dkim- >>> [email protected]] On Behalf Of Scott Kitterman >>> Sent: Thursday, September 16, 2010 12:57 AM >>> To: [email protected] >>> Subject: Re: [ietf-dkim] RFC4871 5322.From Binding - Proposal to relax >> it. >>> >>> >>>> >>> Since anyone can generate a DKIM signature with a signing domain they >>> control, an unconstrained 3rd party signing policy means precisely >>> nothing. Without some kind of constraint (1st party only or a defined >> set >>> of third party signers) arbitrary senders could meet the policy >>> requirements. >>> >>> - 1. >>> >>> Scott K >> >> Make that a -2 for all the reasons Scott indicated. >> >> Mike >> >> _______________________________________________ >> NOTE WELL: This list operates according to >> http://mipassoc.org/dkim/ietf-list-rules.html >> > > Regards, > John Levine, [email protected], Primary Perpetrator of "The Internet for > Dummies", > Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor > Please consider the environment before sending > e-mail.<smime.p7s><ATT00001..txt> _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
