On 19 Aug 2005 16:14:06 -0000, John Levine wrote:
A third-party signature is a lot weaker assertion than an OA signature,
unless you know something about the third party.
Seems to me that no signature is useful unless you know something about the
signing party.
That nicely summarizes the problem I have with the fixation of *requiring* a
tie-in to the origination domain.
It's not that the tie-in does not provide incremental benefit. It is that it
is
incremental, rather than fundamental.
Today we have no confirmable domain name identity to assess. With the DKIM
basic mechanism, we do. That's not a small improvement in the world.
DKIM will be useful in the short run because we all have quite a lot of
knowledge about domains with which we exchange a lot of mail, and that lets
us get their mail out of the filtering path.
Exactly.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
http://dkim.org