ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] a bit of philosophy on working group productivity andscope

2005-08-14 15:49:35
from [Arvel Hathcock] [Permanent Link]
Dave, what is it exactly that you are suggested we agree to and why? Is it that you want to make lookups on unsigned mail optional? What would doing that achieve? We'd all still have to agree on how it gets done for the sake of those who implement the optional. So, if your position is that the additional complexity involved brings doom to the process, you can't escape that by this move. Or, do you suggest we remove draft-allman-dkim-ssp as input into the process completely? 

--
Arvel
----- Original Message ----- From: "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net> 
To: <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Sunday, August 14, 2005 11:36 AM
Subject: [ietf-dkim] a bit of philosophy on working group productivity andscope 



Folks,



>  what is the most minimal enhancement that would make
>  you happy TODAY?
>
>  define requirements that dkim satisfies, without
>  actually saying anything about the details of dkim itself.
>
 Why the "most minimal" qualifier in your question?  We are capable of
 producing something more than the bare minimum.
Here is our current reality: As of this moment, it is not clear that we are 
capable of producing anything at all.

There is no existence proof for real success in this arena of
standardization. The DKIM effort has no track record of success in the IETF. 

Until we change that, we are working with hopes and dreams, not reality.
When an effort starts, the more difficult the topic and the more diverse the participation, the higher the risk of standardization failure. As with any high-risk project, the first goal needs to be to demonstrate usefulness, ie, 
success.
In the long run, we probably very much *can* produce something more than the 
bare minimum.  Something a lot more.

But first we need to do *anything at all* that is useful.
That means targeting the smallest bit of useful output that we can agree to, and 
*later* building upon it.

As of today, there is no standardized transit-time message authentication
technique. If we can produce a standard that permits validating ANY identity 
with a signed message, we will have created a stable base for all sorts of
enhancements.

Enhancement obviously include: associating it will other identities in the
message, using the *absence* of a signature as significant with respect to the policies of some identity, determining the wonderfulness of the signing identity (ie, using standardized access to reputation and accreditation services), and so 
on.

Until we have the core mechanism of signing a message and validating that
signature, we have nothing but fantasy.



 d/
 ---
 Dave Crocker
 Brandenburg InternetWorking
 +1.408.246.8253
 dcrocker  a t ...
 WE'VE MOVED to:  www.bbiw.net



_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim






_______________________________________________
ietf-dkim mailing list
&lt;http://dkim.org&gt;
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] a bit of philosophy on working group productivityandscope, Arvel Hathcock
Next by Date:  Re: [ietf-dkim] a bit of philosophy on working group productivityandscope, Arvel Hathcock
Previous by Thread:  Re: [ietf-dkim] a bit of philosophy on working group productivityandscope, Arvel Hathcock
Next by Thread:  Re: [ietf-dkim] a bit of philosophy on working group productivity and scope, Keith Moore
Indexes:  [Date] [Thread] [Top] [All Lists]