[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSP - policy location compatibility with DK
- To: "IETF MASS WG" <ietf-mailsig@xxxxxxx>
- Subject: Re: SSP - policy location compatibility with DK
- From: "Arvel Hathcock" <arvel@xxxxxxxx>
- Date: Thu, 28 Jul 2005 13:40:25 -0500
- Dkim-signature: a=rsa-sha1; c=nowsp; d=altn.com; s=c3po; l=348; t=1122576029; x=1123180829; i=arvel@altn.com; q=dns; h=DomainKey-Signature: Received:Message-ID:Reply-To:From:To:References:Subject:Date: Organization:MIME-Version:Content-Type: Content-Transfer-Encoding; b=lPz4PBUSn75b6dUyVoz1a3lf4UH1DAcHygQ1 RX1zYaRMhnFEhW6pngzYNhTWHDOdJ2dM8g2/plHF1BfwPp3W403TTxDDYX0YywJq xKXX/2QTEc6FFML1/Wl2ZRAfGAVu+fXrsVTObYBMapuuSgnvzVPz7QwpL3vdak2h G4tDlow=
- Domainkey-signature: a=rsa-sha1; s=c3po; d=altn.com; c=nofws; q=dns; h=from:message-id; b=n0nZCHMtrE4MhBjVI9/2nOjMxqYKgnGFa/5SshQFnInn+keK2wN+oO7myl8ouUkv/6fdYurN8XaCRy6oiARCm4FcH5CopCYQkgcg2Xgos4iaqB7BlvlKe/JVWpJpavubaiD7fWfJhijQHq6xGRiKQQ8kbuoxPur79aPmLId/M0k=;
- List-archive: <http://www.imc.org/ietf-mailsig/mail-archive/>
- List-id: <ietf-mailsig.imc.org>
- List-unsubscribe: <mailto:ietf-mailsig-request@imc.org?body=unsubscribe>
- Organization: Alt-N Technologies
- References: <> <> <> <>
- Reply-to: "Arvel Hathcock" <arvel@xxxxxxxx>
- Sender: owner-ietf-mailsig@xxxxxxxxxxxx
Suppose for example that a site signs all messages with only one of the
algorithms (DK for example). A receiver that is DKIM capable would end up
using the senders DK policy and fail the mail.
This assumes the sending site has a policy of "I sign all messages" of
course. But what such a site _really_ means is "I sign all messages *with
DK*". Yet a DKIM verifier wouldn't know the difference. Isn't this
correct?
--
Arvel