-----Original Message-----
From: dkim-ops-bounces(_at_)mipassoc(_dot_)org
[mailto:dkim-ops-bounces(_at_)mipassoc(_dot_)org]
On Behalf Of Murray S. Kucherawy
Sent: Monday, September 13, 2010 1:06 PM
To: dkim-ops(_at_)mipassoc(_dot_)org
Subject: Re: [dkim-ops] hammering with a soldering iron, was subdomain
vs.
cousin domain
-----Original Message-----
From: dkim-ops-bounces(_at_)mipassoc(_dot_)org [mailto:dkim-ops-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hector Santos
Sent: Monday, September 13, 2010 9:58 AM
To: dkim-ops(_at_)mipassoc(_dot_)org
Subject: Re: [dkim-ops] hammering with a soldering iron, was
subdomain
vs. cousin domain
No Murray. But perhaps someone should be because the responsibility
is
now once again shifted from the passive 3rd party signer back to the
visible 1st party 8222.From equal d= domain transaction. As far as
the potential millions of potential receivers are concern, the
Author
Domain is once again responsible for signing the message.
And rightly so, in this scenario. But even if it's a visible
third-party
delegation, now the From: is associated with a third-party and a bad
signature. Are you saying that's better? If so, based on what?
Worst, when the signature fails, the wrong domain brand and unknown
reputation scoring across receivers is negatively hurt.
That would be a poor implementation. A failed signature is supposed
to be
treated as no signature.
Murray,
I think your last comment is perhaps the most interesting one. As John
Levine frequently reminds us as he invokes King Canute, we cannot tell
receivers what to do. I don't know if this association exists, but if
receivers find an association between failed signatures and malicious
email I can just about guarantee you that they will take advantage of
that data point..... Regardless of what the standard says. Bottom line,
a failed signature will be treated in accordance with those things that
a failed signature is perceived to be associated with.
I don't know if we got it "right" in saying how a failed signature
should be treated. Only time will tell.
Mike
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops