ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] draft-fenton-dkim-threats-00

2005-10-10 10:32:51
from [Hallam-Baker, Phillip] [Permanent Link] 
Just for the record I find the functionality provided by DKIM core plus my PKIX 
certs draft to be acceptable.
 
The only undertaking I need from this point from this working group to either:

1.      
        Agree that the mechanism choosen for linking X.509 certificates to key 
records will avoid unnecessary incompatibility with the proposed draft.
2.      
        Tell me NOW before I start deployment what changes I should make.

It will be harder to return to such issues after deployment of DKIM-SL begins 
(DKIM Secure Letterhead). However I since suspect I am the only person in the 
group who really cares about the details of this linkage it probably isn't a 
major issue.
 

From a purely marketting point of view I think that it will be hard to sell 
DKIM as a completely invisible infrastructure authentication mechanism. We 
already have that problem with SPF.

 
This is not actually a big problem from the point of view of DKIM at this point 
in time. Until we are sure we have got the core right it is better to NOT have 
too many users.
 
The problem from my end is that the Trusted Third Party industry is a 
multi-billion dollar industry and it takes a significant amount of time to get 
it to focus on a particular direction. There is a lot of built in inertia. So I 
have to be working now if we are going to have a hope of having the industry 
where we want it to be in 12 months time when we will want as many users as 
possible.
 
 
Remember that the point of this exercise is to meet the requirements to deploy 
DKIM. These are a specification that implementers can be confident is stable 
and a community committed to deployment.
 
 
________________________________

From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org on behalf of Arvel Hathcock
Sent: Fri 07/10/2005 9:53 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] draft-fenton-dkim-threats-00




Repudiation prevention is a nice goal.  There are lots of nice goals.
Would it be reasonable to have an open-ended pursuit of all the nice goals
that DKIM *might* be modified to assist in achieving?

I don't think so, unless the goal here is to have endless abstract
discussion, rather than to expedite standardization of DKIM.


And expediting the route to standardization is very important for many who
are waiting for this process to move forward.  The capability DKIM provides
as-is I find to be completely acceptable, irrefutable, and immensely useful
and I've heard the same from numerous CEO's/Executives of other companies -
many of whom are lurking on this list now and who I would encourage to speak
up.

--
Arvel



_______________________________________________
ietf-dkim mailing list
http://dkim.org




_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [ietf-dkim] New DKIM threat analysis draft, Hallam-Baker, Phillip
Next by Date:  Re: [ietf-dkim] New DKIM threat analysis draft, Douglas Otis
Previous by Thread:  RE: [ietf-dkim] draft-fenton-dkim-threats-00, Hallam-Baker, Phillip
Next by Thread:  Re: [ietf-dkim] draft-fenton-dkim-threats-00, Earl Hood
Indexes:  [Date] [Thread] [Top] [All Lists]