dkim-ops
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [dkim-ops] Q: "dkim=discardable"

2008-10-30 13:31:30
from [MH Michael Hammer (5304)] [Permanent Link] 



-----Original Message-----
From: John R Levine [mailto:johnl(_at_)taugh(_dot_)com]
Sent: Thursday, October 30, 2008 12:26 PM
To: MH Michael Hammer (5304)
Cc: Byung-Hee HWANG; dkim-ops(_at_)mipassoc(_dot_)org
Subject: RE: [dkim-ops] Q: "dkim=discardable"


I think most of the likely candidate domains for using "discardable"
would disagree with your assertion John.


Then I have to say that they don't understand what discardable means.
Really, it says feel free to throw our mail away if you have the least
doubt about it.  


Is that really what it says? Or is that your personal qualitative
interpretation of something which is not as whimsical as you are
presenting it.

What that ADSP discardable record published by a sender is saying is
that all email for this domain is signed and if a signature is missing
or fails to validate it is safer (from the receivers perspective) to
discard the email than for it to be delivered to the recipient with the
consequental potential for phishing, trojans, identity theft, etc.

I agree with you that "discardable" is not for most senders. I was not
in favor of ADSP being as narrowly defined as it ultimately turned out
but I was comfortable with the outcome because it addresses my
needs/goals as a sender and helps receivers with respect to identifying
email from the domains I'm responsible for. Even as someone who intends
to publish "discardable" records, I'm certainly going slowly and will
start with "all".


This chronic misconception is the main reason that I
doubt that discardable will be useful in practice, since only a small
fraction of people who assert it will truly understand what they've

said.




This is like anything else. If people do things they don't understand in
ways that cause bad outcomes, they will either adjust what they are
doing or incur the consequences. For example, if a person publishes a
DKIM record along with ADSP and the public key expires did they really
intend to have mail discarded? Probably not. On the other hand it is
their responsibility to ensure that their records are in order and that
their practices are such that those practices match what they assert.

Mike

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [dkim-ops] Q: "dkim=discardable", John R Levine
Next by Date:  Re: [dkim-ops] Q: "dkim=discardable", John R Levine
Previous by Thread:  Re: [dkim-ops] Q: "dkim=discardable", John R Levine
Next by Thread:  Re: [dkim-ops] Q: "dkim=discardable", John R Levine
Indexes:  [Date] [Thread] [Top] [All Lists]