Folks,
Frankly, I think this is a huge step backwards. You're changing the
charter
from discussing the goals of the service we're trying to define to
discussing
the details of the mechanisms we use to build the service. IMO this is
going
down a path that is likely to cause far more problems than it solves,
as it
invites confusion with efforts to define very different services using
similar
mechanisms.
...
The existing charter was careful to distinguish between service and
mechanism. Let's please try and keep that distinction.
This is a point that Ned has been stressing and I believe he is entirely
correct.
The benefit of having our discussions consider mechanics as "merely"
secondary, so that we maintain a focus on goals/purpose, strikes me as
massive.
DKIM is _not_ an alternate signature service, and that's precisely the
point.
DKIM only uses signatures as a means to an end, and the end is not to
provide a
nonrepudiatable signature covering the message. Rather, it is to
provide a
means whereby someone can assert responsibility for a message. This is
a type
of authorization service, not a signature service. We are forced to
use digital
signatures as a mechanism because the service has to deal with forgery
and
replay attacks, but that's an (unfortunate) implementation detail.
The main reason I am posting this response is in the hope that folks
will (re-)read the text of Ned's that I have quoted.
I believe a very great deal of confusion will be avoided if we can all
embrace this one, main concept that he has so nicely distinguished.
d/
_______________________________________________
ietf-dkim mailing list
http://dkim.org