On Sep 21, 2006, at 4:53 PM, Michael Thomas wrote:
Douglas Otis wrote:
On Sep 21, 2006, at 3:53 PM, Michael Thomas wrote:
o DKIM Strict: the state where the domain holder believes that all
legitimate mail purportedly from the domain are sent with a
valid DKIM signature and that non-compliant services are avoided.
What is difficult to understand with this definition? Is a
definition needed for non-compliant services?
How does this differ from scenario #1?
Note that DKIM Strict is not currently defined, but should be.
Doug, this is completely circular so I give up.
This is a request that a policy state be _defined_ and indicated as
_required_ within the 4.1 use scenario and listed in section 5.3.
The 4.1 use scenarios has been made confusing by not alluding to when
this undefined policy state might apply. Your suggestive
descriptions have been unhelpful.
DKIM Signer Complete is not suitable in this 4.1 but is suitable in
4.2. A more stringent state is required for 4.1 or we have the
following problem:
A- mailing list messages might be accepted when permitting signature
failures from otherwise trusted mailing lists. (An assumption
that steps to prevent signature failures have not been taken that
is not suitable for 4.1)
B- mailing list messages might be blocked when guarding against
phishing attempts. (An assumption that steps have been taken to
prevent signature failure that is not suitable for 4.2)
4.1 requires a policy state that ensures use scenarios 4.1 and 4.2
can be handled appropriately and that a wrong assumption is not
made. Currently this state has not been defined or listed as a
policy requirement.
What are your reasons for excluding and not defining this stringent
policy state?
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
