In other words, it is starting to look as if the mechanism for enforcing
originator/handling linkages needs separate focus from techniques for
performing authentication.
I am trying to figure out "what you are thinking?"
My note stated, as clearly as I can, what I am thinking.
If the latter, then I believe you need to be straight here on your overall
goals.
Once again, you are seeking to take the group discussion to an ad hominem
focus.
Please stop attempting to discuss people's motives or biases.
Can you clear this right away? I can see why you may not want to make it
harder for standards track issues. But it will help to know what are the
"long range" plans.
My long-range plan is to get the group chartered and to have the group produce
a
useful standard as quickly as possible.
Therefore, my long-range plan is to seek near-term utility with a minimum of
project management risk and the lowest possible barriers to adoption and use.
Dave, lets imagine that DKIM becomes the standard tomorrow and we begin to
receive DKIM messages. We were not DKIM aware yet, but now we see a bunch
of emails with DKIM signatures. So we begin to explore DKIM.
The first thing we notice that there are a much of DKIM signed messages
purporting to be SIGNED from domains which have NO Policy defined or
conflicting signing policies?
How do you expect us to handle this?
In fact the main reason that I question the need to have most/any of SSP --in
the *first* round of standardization -- is that there is quite a bit of utility
in exactly the scenario you describe: A message arrives with a signature.
*ANY* signature. There is quite a bit of useful information derived from
validating that signature, or having the signature fail validation.
There is *MORE* useful information if the validator can know that the signature
ID is "authorized" by the rfc2822.From domain administrator, but that
information is not essential for creating an initial base of utility.
The observation that requiring linkages between identifiers and requiring
domain-wide signing simply follows from this, and noting that we seem to have
3-4 current examples of independent attempts to solve these problems.
Multiple solutions to the same problem impedes Internet-wide interoperability.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
http://dkim.org