Dave Crocker wrote:
The SSP specification needs to remove all references to end-users,
human factors, or the like and it needs to remove all consideration of
them from its design.
Absent that removal, the working group needs to develop an empirical
basis for specific human factors assertions that drive the design and
demonstrate working group consensus that these assertions are valid as
well as necessary to the use of SSP.
There's still a lot of experimenting to do before we'll be able to call
any authentication-related user interface element a "best" practice.
Those experiments can't occur until DKIM (and probably SSP) has wider
NOTE WELL: This list operates according to