Hector,
On Aug 11, 2005, at 7:45 PM, Hector Santos wrote:
Well, Andrew, atleast for me, I would really like to be part of
this effort,
but I can't help but feel it is a becoming a waste of time.
I'm sorry that you feel this way. And I'm sure there is not much I
can say to make things better, other than to suggest that our best
way forward is to address the task at hand.
That said, the OA SSP verification issue, to me, is the most
important issue
in DKIM and to me, it is a near show stopper for DKIM acceptance.
If it has not been said yet, this issue plays right into the key
questions:
- What does DKIM solve?
- What are the benefits?
- What are the negatives?
- Where are the holes (Exploits, Bad Actors, Bad middle ware, Risk)?
- Can it be done?
Expressed as an exploit and stating how the bad actors take advantage
of this hole would seem to be valuable, if not for the threats
analysis then for the security considerations.
-andy
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim