On Sat, 5 Aug 2006, John L wrote:
In no way does accreditation=DKIM
But policy records are in a way. Lets look at it in general -
policy record is just a statement of what sender believes to
be true about their email system setup and how receiver can
use the email..
Accreditation is basically the same thing but the difference
is that its not sender directly saying it but that sender asked
(paid) some other party to provide this information to the
public (and depending on how good accreditation service is
they might go through some sort of checks to verify its true;
in the end its still that accreditation service has been paid
by the sender and is thus not true neutral party no matter
what they say). Another slight difference is that accreditation
focuses more on the "use of the email" rather then email system
setup. Reputation is actually highly similar too but in that
case it only answers about "use of the email" from perspective
of 3rd party that has [hopefully] nothing to do with the sender.
We could in fact have a system/protocol that accommodates all of
these at once. The difference would be that for "policy record"
the answer would be found directly at the service run by the
sender (or whoever appears to be the sender in case you need
to check on that). In the case of accreditation you'd ask some
3rd party chosen by the sender where as with reputation you'd
ask 3rd party chosen by the receiver. The questions asked could
all actually be the same and could even be if that party always
sends signed email.
As far as example given by John [FDIC and banks], I think its
special corner-case because banks members of FDIC so what
FDIC does is answer a question if they are member or not
and there is no doubt that FDIC is only place to reliably
find this out. However if a bank were to have paid some
other 3rd party to say this bank belongs to FDIC, I'd not
believe it much more then if bank itself said that directly
(in fact lawyers would say it should be believed less).
NOTE WELL: This list operates according to