I've read the last few hundred messages on SSP and have concluded this
is a very hard problem! Despite seeing a lot of interesting ideas, I'm
not personally converging on understanding the SSP requirements or the
right SSP solution for a wide range of customer uses.
DKIM base was a reasonably well defined technical problem, something
that technical efforts were well suited to solve. SSP centers very much
around how people want their mail treated/how people will treat others'
email and how they will deploy DKIM policies beyond the simplest From:
domain matches d= domain with no additional complexity. Unfortunately
these problems aren't primarily technical in nature, they're a question
of understanding the range of requirements and use cases and then
bounding the solution to encompass the most critical ones.
So I'm going to go back to basics and solicit some scenarios and use
cases from our customers. We're going to put together a document to
survey a variety of customers and gather their input. It will include an
overview of the base document, questions about how they would like to
use DKIM across different use cases and ask what types of policies they
would like to apply. We'll try to cover the questions being asked on the
list across email marketers, enterprises, ISPs, domain hosting
companies, financial services and others. We'll report back on what we
learn and hopefully it will be useful for SSP.
pat
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html