> Now, Keith will no doubt argue that DKIM is of marginal value at best unless
we
> extend it into these areas. Simply put, I disagree. For example, even in the
> absence of SSP DKIM at a minimum provides a service that can make
> whitelisting/blacklisting far more reliable.
I strongly disagree. If DKIM is used in this way it can only address a
one or two of the several problems with blacklists - one of which is
granularity and the other is the frequency with which IP address blocks
get reassigned to other parties - particularly when they get
blacklisted. I've seen too many problems with blacklists that were
unrelated to either of these.
Some progress... By your own admission DKIM _does_ address "one or two of the
several prolems". That's good enough for me, especially when attempting to
further is a recipe for disaster. And seem to recall you arguing very
vociferiously a few IETFs back that we need to pursue mutiple mechanisms, each
only capable of solving one or two problems.
Simply put, blacklists lie. More generally, any time a party (e.g. a
blacklist) is entrusted to make decisions on behalf of a huge number of
parties with diverse interests and needs (recipients), it's going to
make a poor decision a significant fraction of the time. Some
blacklists are more responsible than others, but I haven't yet seen one
that, if trusted to block mail, doesn't block a significant amount of
legitimate mail.
I don't see how the issue of whether or not it is appropriate to trust third
party accreditation services is in any way relevant to the matter at hand.
Ned
_______________________________________________
ietf-dkim mailing list
http://dkim.org