What is the difference on the recipient side between 'I sign no mail' and 'I sign some mail'?
The recipient will not look at the policy record if there is a valid signature and if there is no signature the fact that it might have been signed is irrelevant. The only policy that has use to a recipient is to know that every message without exception is signed. Otherwise there is no utility in the policy record. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Wietse Venema > Sent: Thursday, September 07, 2006 7:23 AM > To: [email protected] > Subject: Re: [ietf-dkim] user level ssp > > Hallam-Baker, Phillip: > > I think it is entirely likely that bigbank.com would have a > situation > > where the mail servers for its east coast offices were adding > > signatures but the ones for the west coast were not. The > part that is > > less easy to see is whether there is value to the short > term fix. It > > is probably easier to just do the deployment. > > But it is not certain that this will be the case. > > This hypothetical bank can use the hypothetical "I sign some > of my mail" policy until the DKIM roll-out is complete, and > then transition to the "I sign all my mail" policy. > > A per-user mechanism is not the obvious solution for this problem. > > Wietse > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html > > _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
