ietf-dkim

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-24 08:45:53
domainkeys-feedbackbase02(_at_)yahoo(_dot_)com wrote:
--- Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:


domainkeys-feedbackbase02(_at_)yahoo(_dot_)com wrote:

To me it's like call-forwarding on your phone. If you get a phone call you
don't want, are you going to blame your call-forwarding service for doing the
job you asked them to do?

Yes, but then there are zombies, open relays, etc, that are


Right. But I think that addresses a different question. Zombies are
accountable, but would they claim to be?

Who knows? I mean, if mail eventually needs to be
signed before it's accepted by the masses, they may
well be forced to sign -- or find some other transport
vehicle.

It's more the inverse issue I was thinking about - where you have multiple
parties wanting to claim accountability. What assurance does each party have
that their claim has the right relevance compared to other claims?

See my other post.

If one List signs to indicate that it is accountable for the content and
another signs merely to indicate that the traffic did really get forwarded via
the List - how does a recipient make that distinction and act accordingly?

As I've said elsewhere, I'm rather suspicious of
introducing roles that a receiver has no way to know
if it can trust or not (in the general case). In that
case, a receiver wouldn't be able to know or act on
any difference. What is interesting to me is whether
in conjunction with other means -- reputation services,
local knowledge, etc -- it provides value. But my bet is
that we just don't need to go here at all for the time
being since it would be pretty straightforward to add
new tags identifying roles, and that can be pretty safely
done in a completely experimental way (= non standards
track).

If that distinction is solely in the hands of the recipient, what instructions
do we give to second-and-subsequent signers about the impact and benefits of
adding a signature?

Do we need to? I mean, I don't think that we give things
that add Received headers such advice now, and they are
-- for better or worse -- used in a similar capacity. The
one thing that legitimate signers have going for them is
that it is in the interest of receivers to let pass legitimate
mail -- usually erring on allowing more false negatives. More
information -- especially information that provides carrot and
stick for sender -- it seems to me, will allow receivers to
better triangulate on the good from the bad which is pretty
good incentive to sign since the likelihood of being a false
positive is reduced.

                Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org
