On 5/22/2011 10:43 AM, John R. Levine wrote:
VBR queries are about an actor, not a message.
Certs can be coupled to a particular message -- this was an interesting
semantic distinction about Goodmail's certification scheme -- although I
believe that typically they, too, are only scoped to
On 05/23/2011 11:17 AM, Dave CROCKER wrote:
As an impressive example of even deeper misunderstanding:
More of CROCKER's famed civility.
On 5/22/2011 10:49 AM, Michael Thomas wrote:
But this is exactly what DKIM is. You prove yourself fsvo prove
to the registrar who certifies you
On 5/19/2011 3:17 PM, Murray S. Kucherawy wrote:
-Original Message- From: ietf-dkim-boun...@mipassoc.org
[mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of Rolf E. Sonneveld
...
recently someone asked me whether it would have any added value if the DKIM
public key, which is stored
through a separate, value-added mechanism. My own preference would be for
using
a special header-field that contains the cert, with the specification of
using
such certs as saying that they are enabled when included in the set of h=
covered header fields.
I don't see how this is
On 5/22/2011 10:27 AM, John R. Levine wrote:
through a separate, value-added mechanism. My own preference would be for
using
a special header-field that contains the cert, with the specification of
using
such certs as saying that they are enabled when included in the set of h=
covered
VBR queries are about an actor, not a message.
Certs can be coupled to a particular message -- this was an interesting
semantic distinction about Goodmail's certification scheme -- although I
believe that typically they, too, are only scoped to the actor, not the
specific content.
Now
On 05/22/2011 10:27 AM, John R. Levine wrote:
It occurs to me that since mail certification is likely to make assertions
about behavior as well as identity, the SSL model in which certs last for
a year won't work, since behavior can change rapidly. Either the
certifier has to issue a stream
But this is exactly what DKIM is. You prove yourself fsvo prove
to the registrar who certifies you by virtue of placing your NS
records in the root servers instead of issuing a cert.
Registrars, as we all know, rarely check any credential beyond the
confirmation code from the credit card
On May 22, 2011, at 12:27 PM, John R. Levine wrote:
It occurs to me that since mail certification is likely to make assertions
about behavior as well as identity, the SSL model in which certs last for
a year won't work, since behavior can change rapidly. Either the
certifier has to issue
John R. Levine wrote:
But this is exactly what DKIM is. You prove yourself fsvo prove
to the registrar who certifies you by virtue of placing your NS
records in the root servers instead of issuing a cert.
Registrars, as we all know, rarely check any credential beyond the
confirmation code
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Rolf E. Sonneveld
Sent: Thursday, May 19, 2011 2:33 PM
To: IETF DKIM WG
Subject: [ietf-dkim] Certifying the DKIM public key?
Hi, all,
recently someone asked me whether
recently someone asked me whether it would have any added value if the
DKIM public key, which is stored in DNS, would be 'certified' in some
(yet to be determined) way by a 3rd party like VeriSign, Thawte etc.?
Sure. See RFC 5518.
R's,
John
___
NOTE
12 matches
Mail list logo
