> On Tue, 20 May 2008, Ned Freed wrote:

> > > > There are likely to be cases within a domain where a client wants to
> > > > get his address "signed" with BATV but where you don't want to hand
> > > > out the shared secret (or private key for that matter) to the
> > > > client. As such, a missing component here is an on-wire way to ask
> > > > some agent to form this signing operation. The obvious place to have
> > > > this is as an SMTP submit extension, although of course other
> > > > approaches are possible.
> >
> > > The usual approach would be to make this implicit by configuring the
> > > client to use a submission server that adds the tag. I'm not sure why
> > > you'd need or want any explicit signalling.
> >
> > That assumes that the only time such an address is needed the goal is
> > always to immediately submit the message for transport using the
> > submission server operated by client's administrative domain. That may
> > not be what I want to do with the message. Just as one example, the
> > client could be remote and could be constrained to submit mail to some
> > other server.

> If the client can't use its normal submission server then I don't see what
> use a message submission protocol extension would be :-)

First of all, I said nothing about not being able to use. There are plenty of
reasons (speed, policy, separate environment) why I might be able to reach one
server but prefer or be required to actually use another for submission.

But suppose we are dealing with a case where the server isn't always
accessible. In such a situation a client could go to the server when it is
available, get its address signed, and then cache the result for use when the
server isn't available.

> Since a BATV address is only useful during message transport I'm not sure
> what situations other than message submission you'd want to create one.

The fact that it is useful during transport doesn't mean I always want messages
containing such an address transported immediately and by a given submission
server.

                                Ned

P.S. One way to finesse this would be to have the submission server echo the
changed address in response to a MAIL FROM. That way a client could get its
address "signed" by starting a transaction, getting the MAIL FROM response, and
issuing a RSET. It's a way to do it with essentially no protocol additions or
changes.
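
The MAIL FROM / RSET exchange from the P.S., combined with the caching idea earlier in the message, sketched from the client side as an added example that is not part of the original message. The reply text carrying the echoed address, `MAX_LIFETIME_DAYS`, and all function and class names are assumptions; the `prvs` tag layout is the one from the BATV draft. The client holds no secret, so it cannot verify the MAC and checks only that the tag wraps its own address and has not expired.

```python
import re
import time

# prvs layout per the BATV draft: prvs=KDDDSSSSSS=local@domain
# K = key digit, DDD = expiry day (days since 1970, mod 1000), SSSSSS = hex MAC
PRVS_RE = re.compile(r"<(prvs=\d(\d{3})[0-9A-Fa-f]{6}=([^@<>\s]+)@([^<>\s]+))>")
MAX_LIFETIME_DAYS = 14  # assumed bound on how far ahead a tag may expire


def days_left(ddd, now=None):
    """Days until DDD; an already expired stamp wraps to a value near 999."""
    today = int((time.time() if now is None else now) // 86400) % 1000
    return (ddd - today) % 1000


def fetch_signed_address(conn, address, now=None):
    """MAIL FROM, read the echoed address, RSET. No message is ever sent.

    conn needs only smtplib.SMTP's docmd(); the reply text is an assumed format.
    """
    local, _, domain = address.rpartition("@")
    code, text = conn.docmd("MAIL", "FROM:<%s>" % address)
    conn.docmd("RSET")  # abandon the transaction whatever the reply was
    m = PRVS_RE.search(text.decode("ascii", "replace")) if code == 250 else None
    if m is None:
        return None
    # Accept only a tag wrapped around the exact address we asked about.
    if m.group(3) != local or m.group(4).lower() != domain.lower():
        return None
    if days_left(int(m.group(2)), now) > MAX_LIFETIME_DAYS:
        return None  # expired or implausibly long-lived
    return m.group(1)


def cached_is_usable(signed, now=None):
    """Re-check a cached address before using it while the server is away."""
    m = PRVS_RE.search("<%s>" % signed)
    return bool(m) and days_left(int(m.group(2)), now) <= MAX_LIFETIME_DAYS


class FakeSubmissionServer:
    """Constructed stand-in for a server that echoes the signed address."""
    def __init__(self, reply):
        self.reply, self.sent = reply, []

    def docmd(self, cmd, args=""):
        self.sent.append(cmd)
        return (250, self.reply) if cmd == "MAIL" else (250, b"2.0.0 OK")
```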
