John R. Levine wrote: > Putting on my native speaker of American dialect hat, I don't see a useful > difference between "responsibility" and "some responsibility" in this > context. In practice they mean the same thing, and neither means "total > responsibility."
Agreed. > If someone goes to the effort of signing a message and publishing a > validation key, they have taken some responsibility for the message. On > the other hand, if you then complain to them about it, and they tell you > to get stuffed, that's the end of it. (You might stop accepting their > mail, but that's outside the scope of DKIM.) It's some responsibility, > but it may not be very much. > > So pick one and be done with it. It doesn't matter which one. The issue is that its too vague and incomplete especially when there is an unknown and unrestricted RE-signers involved as part of the framework. What does responsibility actually mean? Does it mean that the last signer is the blame or part of the blame for any harm caused? Does the last signer absolve all previous signer(s) responsibility? Is this something the original domain signer is aware of? "INFORMATIVE NOTE: DKIM allows resigners to operate. When a resigning takes place, all previous signer domains no longer have a responsibility for the message." Of course, in a perfect integrated protocol world, one could add statements about POLICY restrictions, but that would be a taboo here at this point. Maybe it can be stated another way to provide the concept of absolving domain responsibility. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html