--On Sunday, 01 January, 2006 15:49 -0800 Douglas Otis
<dotis(_at_)mail-abuse(_dot_)org> wrote:
...
The risks related to interoperability will more likely result
from assuming authorization authenticates the source. This
authorization strategy may benefit larger domains, but will
be corrosive to goals of interoperability and integrity. To
avoid the misapplication of this mechanism, there are
suitable alternatives to authorization for the DKIM effort.
DKIM offers a significant value without authorization to
establish expectations. Not endorsing authorization schemes
also discourages possible burden-shifting of the short-
comings of DKIM. Hopefully, not allowing this tactic will
lead to a better, safer, and far more fair solutions.
Indeed. And, along the lines of my response to John, and to
Dave's request to be specific, that sort of analysis and
description is _precisely_ what I believe should be required to
be written into text, get WG rough consensus on its
appropriateness and accuracy, and then make its way into the
WG's deliverables.
If agreement on such comments can be reached, I believe that
such a requirement is reasonable and not particularly
burdensome. If such agreement cannot be reached, then I think
DKIM has much more serious problems about applicability and the
definition of the problems being solved than whether or not this
is required.
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf