>> through a separate, value-added mechanism. My own preference would be for >> using >> a special header-field that contains the cert, with the specification of >> using >> such certs as saying that they are enabled when included in the set of h= >> covered header fields.
I don't see how this is functionally different from VBR. In both cases the signer assserts that the message is certified by foo. If the recipient finds foo to be credible, it checks to see if foo really did certify the signer, by a DNS lookup for VBR, or I suppose by checking the offered cert to see if the signature is valid, and if the contents include the signer's domain and an expiration date in the future. It occurs to me that since mail certification is likely to make assertions about behavior as well as identity, the SSL model in which certs last for a year won't work, since behavior can change rapidly. Either the certifier has to issue a stream of short-term certs to everyone it certifies, or the verifiers have to check CRLs, which is tedious. By the time you do all that, a DNS check, even one with DNSSEC, looks pretty attractive. Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
