Here is why a paper should be written (BCP or not, IETF or not)..
On Sep 13, 2010, at 6:08 PM, J.D. Falk wrote:
They say the former scenario where ESPs sign with their own domains is still
more common, because in general ESPs are more authentication-savvy than their
clients tend to be.
Ah, a deployment decision driven primarily by ignorance... that's an
opportunity for us to educate.
The ESP domain wasn't chosen because anyone thinks it's a better practice,
Ah, even worse, a deployment decision that is not even considered a better
decision, driven by ignorance.
It's because otherwise, they'd be sending unauthenticated mail
So these less sophisticated senders aren't acting as if they are aware of their
options and they are defaulting to a deployment configuration simply because
they don't understand or are not prepared to deploy the alternative.
-- and many in the ESP world fear disastrous deliverability consequences if
they aren't fully buzzword-compliant.
If the ESP's are worried about the sophistication of their clients then they
may not be on the front lines trying to educate their clients of this key
management alternative that more sophisticated senders are deploying.
So, I don't want to argue over whether or not this group (or IETF DKIM) should
publish a BCP around this, I just want to find out sooner than later whether or
not their is a rough consensus to pursue it here or not (then I'll know what I
have to do next).
dkim-ops mailing list