On Tue, Oct 30, 2007 at 03:28:12PM -0700, Douglas Otis wrote:
> The issue whether the i= identity has been validated in some fashion can
> not be answered without some specific additional assertion added to DKIM.
I'm really having trouble understanding that since i= must be part or
equal to d=, w
Arvel Hathcock wrote:
Hi all!
I can easily see how the new "handling" tag might be perceived as
backward progress on what's been an important theme for a while: the
notion that SSP should not dictate receiver action. Personally, I think
we've become a bit too sensitive on that front. Regard
On Oct 30, 2007, at 12:42 PM, Arvel Hathcock wrote:
Just one suggestion.I would rewrite the second sentence like this:
"This practice would be used by those domains who wish to
emphasize security over deliverability of their messages."
Unless the "From" field is specifically asserted
Hi all!
I can easily see how the new "handling" tag might be perceived as
backward progress on what's been an important theme for a while: the
notion that SSP should not dictate receiver action. Personally, I think
we've become a bit too sensitive on that front. Regardless, some text
at the
Yet more suggestions:
4.1 DNS Representation
"Sender Signing Practices records" -> "Sender Signing Practices
Records" (assuming you agreed to the previous suggestion of making this
an explicit definition change in 2.7).
"Records not in compliance with that syntax or the syntax of
Just one suggestion.I would rewrite the second sentence like this:
"This practice would be used by those domains who wish to emphasize
security over deliverability of their messages."
and leave out the bit about what we think the typical use case for this
might be. In fact, since none o
Some additional suggestions:
2. Language and Terminology
One thing that was a clear take-away form the recent Interop
event was that we must have a clear definition of "signing identity".
Please consider adding this definition somewhere:
2.x Signing Identity - The "Signing Identi
Some minor suggestions:
1. Introduction
Second and third paragraph potential rewrite:
"However, the legacy of the Internet is such that not all messages
will be signed. Therefore, the absence of a signature is not an a
priori indication of forgery. In fact, during early phases of DKI