----- Original Message -----
From: "Scott Kitterman" <ietf-dkim(_at_)kitterman(_dot_)com>
Sent: Friday, November 11, 2005 8:35 PM
Subject: Re: [ietf-dkim] SSP focus
While there certainly isn't consensus on how much good (if any) SSP will
If it wasn't good, then no one would need to worry. :-)
I read the list differently. Most believe SSP is good, but it might be too
good for certain classes of operations, including good intention businesses,
the poor spammers and people with write bulk mailers who generally feel
transport systems have no say in the matter.
... I think it's pretty clear that there is a solid consituency for
doing the work to see what we can make of it.
The reminder is that SSP is a spectrum of protection from Really Strong
(Exclusive) to Nothing. Each business (domain) will find its fit or none at
IMO, the ideal goal is to get the maximum payoff with maximum backward
compatibility with minimal redesign (cost) and impact on the network. The
compromise is somewhere in-between all four.
To me, whether its SSP or any other ideas, all of them have to be verifiable
concept regardless if the server performs this task or not. Of course,
verification is where the strength comes. That's obvious. The question is
how much you (speaking in general) want to change things to perform this
verification. I think SSP is good enough for its task of protecting domains
for those who want that level. If we want to protect everyone
transparently, well, I think that is going to be hard to reach. It may be
transparent to the USER, but it won't be transparent to implementators.
The reason the email problem has not been solved is because it can not be
Hector Santos, Santronics Software, Inc.
ietf-dkim mailing list