On Aug 18, 2006, at 2:12 PM, Hector Santos wrote:
The "invalid" flag is not needed, but Hector will want to be able to
list who signs even when the 2822.From is not validated.
Ok, I really don't care how you guys do it.
The bottom line is that DKIM-BASE is unprotected and fails to
answer the
following questions:
o Does the domain ever distribute mail?
o Do you expect the mail to be unsigned?
o Do you expect to sign all mail?
o Is your domain the exclusive signer?
o Are 3rd party signers or signatures allowed?
All this is answered by offering a list of designated domains and
then indicating whether the list is exclusive.
o Are 3rd party signers allowed to strip your original signatures?
This is redundant when a list of designated domains can be asserted
as being exclusive.
This is a 2822.From policy, and as Jim has pointed out, when allowing
a list, a means to signal whether the 2822.From addresses should be
considered valid is needed. I think being able to differentiate
between scenario 1 and 2 is also important. This introduces the
concept of two flags "All" (signed) and "Only" (these used).
A desire to include sources where the 2822.From is not valid requires
three flags: "All", "Only", and "Invalid."
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html