Eric,
Thank you for your comments.

> Indeed, if what you wanted to do
> was stop message forgery as a general case, you would have to
> consider the issue of forgery by other authorized users in
> the same administrative domain, which generally leads to an
> S/MIME style solution.

While it is true that a wide deployment of S/MIME may limit forgery, it
is perhaps not the only way, and so let me suggest that where you say
"generally" we are now outside that realm.

Here the problem is broken into several parts: verification that a
message came from an administrative domain and verification within the
administrative domain. Mechanisms exist within an administrative domain
to verify the identity of a sender. Those methods can be improved.
Dramatically, IMHO. But that needn't be something for DKIM.

To tackle *spam*, reputation must be considered. That needn't be done
by DKIM, but it must be done. I haven't seen a strong argument that the
reputation component should be done within the IETF, as no protocol
requirements to do it have been identified. What is clear is that
reputation cannot be considered without something like DKIM.

Would you agree or disagree with the above statements?

All the best,
Eliot
_______________________________________________
ietf-dkim mailing list
http://dkim.org