ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Reading the entrails, was Moving to consensus

2009-03-22 17:28:45
from [Hector Santos] [Permanent Link] 
Douglas Otis wrote:

On Mar 22, 2009, at 8:01 AM, SM wrote:


I don't see much benefit in using DKIM for a blacklist model where  
we have to play catch-up with the "bad guys".


Agreed, but DKIM will likely become a hybrid of acceptance and  
provisional blocking.


Likely? I'll bet it!

I think it is incomprehensible to believe systems today, including 
many own by some here, have the tolerance or will have the tolerance 
to accept anything they don't like or deem as bad, nuisance, 
especially if they can detect it and it comes with new level of 
authority to reject it, bets your boots it will happen.

Look at it this way:

     - How can you stop it?

If we don't have POLICY, there is all the evidence out there this will 
become YAWP (Yet another Wasted Protocol), another high overhead and 
bandwidth DomainKeys and with some systems already doubling it up, 
DKIM + DOMAINKEYS, even higher wasted bandwidth.

If there is no payoff, it will be ignored, just like Domainkeys.
Thus far, I see no payoff. Where is the payoff?

Dave says,

    A DKIM signature means that whoever controls the DNS
    entry for the SDID is making some responsibility for
    the message.  A random bad actor, out there in the
    wilds of the Internet, cannot use that SDID.

    This is the core benefit of DKIM.

Well, many will see the this core benefit when REJECTION and 
ACCEPTANCE was the measurable value - the payoff.  To assume
only ACCEPTANCE is the payoff, is neglecting the important of
measurable failure.

The mindset of the 80s, 90s is being repeated here that was 
erroneously written in stone in 2821:

    This specification does not further address the
    authentication issues associated with SMTP other than to
    advocate that useful functionality not be disabled in the
    hope of providing some small margin of protection against
    an ignorant user who is trying to fake mail.

Lets not repeat, by some estimate, $13-$15 billion world wide, in the 
words of Bush "under misestimation".  We don't need 1, 2, 5 nor 10 
years to realized that mail abuse will not be tolerated.  It isn't 
today. Why would DKIM make it more tolerable?

-- 
Sincerely

Hector Santos
http://www.santronics.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Reading the entrails, was Moving to consensus, SM
Next by Date:  Re: [ietf-dkim] Reading the entrails, was Moving to consensus, John Levine
Previous by Thread:  Re: [ietf-dkim] Reading the entrails, was Moving to consensus, Douglas Otis
Next by Thread:  Re: [ietf-dkim] Reading the entrails, was Moving to consensus, John Levine
Indexes:  [Date] [Thread] [Top] [All Lists]