* What are we trying to prevent them from doing?
The focus on 'bad actors' is a somewhat limited view in my opinion but I
understand the culture of the security area in IETF needs it done this way.
It's difficult to answer that question in part because what we are trying to
do is *empower the domain owner* in my view - not handcuff the 'bad actors'
It seems likely that, in the long run, signing will primarily be done by good
actors, rather than bad actors. (However it is interesting to note that the
*current* use of SPF apparently is about 90% by spammers...) So, yes, at a
minimum we probably need to have clear and complete language about what we are
trying to do to empower them.
per se. If I can assert some measure of control over who uses my domain
this has value in and of itself.
why?
how?
The rest of your text in this paragraph was about broad effects. I think we
need to describe lower-level, more-mechanical effects.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim