ietf-dkim
[Top] [All Lists]

Re: Design approach to MASS (was Re: [ietf-dkim] On per-user-keying)

2005-08-09 23:59:32
--- Earl Hood <earl(_at_)earlhood(_dot_)com> wrote:

On August 9, 2005 at 21:46, domainkeys-feedbackbase02(_at_)yahoo(_dot_)com 
wrote:

A core problem with DKIM is that it combines several components
together when they can be separated, allowing for greater flexibility
and choices.  DKIM violates basic software design principles.

You mean a simple, utility-specific, easily-implementable specification
goes
against the grain of basic software design principles? Is that like saying
a
hammer is a bad choice for driving nails because it's not flexible enough
to
apply paint to walls?

A little defensive, aren't we.

Ahhh. You're into assessing  motives again. Here I was thinking you posted your
email because you wanted responses - both positive and negative. Is it because
I disagree with you that you classify me as defensive?

Are you telling me that the digest and canonicalization components
would not be separated out in your implementation where they can be
tested as separate units and be unaware of any DKIM-isms?

As it happens, that's precisely how the code at domainkeys.sourceforge.net does
it already - consequently I'm a little confused about your point.

Are you telling me you do not see any other applications besides DKIM
utilizing header-based signatures?

Well sure. But until they raise themselves in this forum are you suggesting we
should engineer for mythical requirements in preference to known requirements?

Therefore, it appears wise to try design specifications for
header-based signatures that is not tied to a specific key management
model, which DKIM currently does.

I guess I'm confused. You started with an unsubstantiated claim that DKIM
violates "basic software design principles" and when you get into specifics it
appears your main gripe is that the first incarnation of the key management
model is too specific for your liking. So what is the specific concern?

All of which gets back to the same question. What problem are you trying to
coerce DKIM to solve? And why is that important? You allude to "definite
business interests" as a motivation. Can you be a little more specific?


Mark.
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim