On Jun 23, 2009, at 12:26 AM, Claudio Telmon wrote:
This seems to mix Internet mail 2000 with the consent framework. You
suggest to put the token in the link, so that the receiver's
notification agent can perform the same selection as the receiver's
MTA in my proposal. While this would be possible, goals are
different and implementations seem to be independent. It should
work, from a technical perspective. However, Internet mail 2000
already has its own deployment issues, so mixing the two things
seems to increase the deployment difficulties, which are already high.
Your strategy requires servicing a method that does not depend upon
"pass-tokens" as a means to obtain them. The task of collecting
source specific tokens represents a fair amount of administrative
effort for both senders and recipients that is likely to be
problematic. Not good.
Spitting the email-address onto separate headers is problematic. In
addition, what one MTA might understand may not apply to the subsequent.
Review how one might use <local-part>"+"<tags> :
http://css.its.psu.edu/news/emailplus.html
Then imagine this acceptance criteria is combined valid DKIM
respondent's messages.
As yet a better alternative, to thwart wasted and undesired exchanges,
an exchange by reference offers an inherent means to authenticate
sources without cryptography, and avoid undesired exchanges.
-Doug
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg