Murray S. Kucherawy wrote:
Dave CROCKER wrote:
Folks should be explicit about making and documenting this choice:
Is the information being provided about DKIM or about a validated
We want to validate the domain name. How that's done is less important,
although choosing something easily adopted is certainly preferable.
That DKIM seems the most obvious approach doesn't mean it's the only
one, or that it's the one this draft needs to recommend as a SHOULD.
I'd be fine being generic and saying the administrator has to find some
way to secure that channel. In fact, I think that's where we are now.
I tend to agree that this is the best way forward.
However, I suspect there are as many ways to do that as there are e-mail
architectures out there. Thus, saying the channel SHOULD be secured and
then simply suggesting DKIM as one way to do so would be sufficient for me.
Speaking personally, that would be fine with me (but I will reply
separately to your original message in more details)
The remark about not complicating mail systems any further seems to be
where I'm focusing. Given that any participant in this system will need
to know which MTAs it can trust, any solution will have that problem to
solve. I don't think any of the proposed solutions I've seen are more
complicated than the next. So how do we go about picking one?
NOTE WELL: This list operates according to