On 08/30/2010 10:13 PM, Dave CROCKER wrote: > > > On 8/30/2010 1:10 PM, Rolf E. Sonneveld wrote: >>> I'd suggest that the second item actually be a normative >>> specification of >>> value-added features. This requires a change to the charter, and so >>> it would >>> have to wait until completing the current charter. >> >> can you elaborate on what, in your view, would be part of this normative >> specification? > > merely as an example, I'll cite the usage of DKIM for subscription and > submission validation that has been mentioned a few times. Formally, > using DKIM that way is almost certainly a value-added semantic that > goes beyond the semantics of the DKIM signing specification. That's > ok to do, but requires a normative spec to define the behavior and > meaning.
Can we say anything normative about subscriptions and submissions when the From address (even if DKIM signed- and verified OK) does not necessarily say anything about the identity of the sender? Or, vice versa, can we put more trust/faith in the From address if the domain in the From address is equal to the d= domain value? I assume you mean with subscription and submission validation, the act of permitting/denying someone/some address to subscribe or to submit mail? If so, that's an action in the category 'authorization' and authorization requires authentication as foundation. Please note: I'm not trying to kick off a complete new discussion, but these are real questions that keep me busy. I'd love if the answer to the second question would be: "Yes, IF domain part of From address equals d= domain value, THEN we can use the From address as authentication information", but I believe all discussions on this list have not provided a clear "yes" answer to this question. +1 for taking these items out of the MLM draft and create a separate document for them, although I'm not sure it can be normative or just informational. /rolf P.S. Dave, is it possible to disable greylisting for mipassoc.org or at least for contributions to this list? Now we get sometimes a-synchronous contributions where the answer precedes the question. (And yes, I hate greylisting). _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html