ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] is this a problem or not?

2005-10-31 08:52:40

Ned Freed wrote:

> What we have is a very early draft. Nothing more. People seem to be arguing as
> if this draft was in last call and needs to be problem free in its present
> form. It isn't and it doesn't.

I think that this summarises the thread nicely. There's work needed to
either re-do ssp so that the perceived problems go away, or else to
clearly document the problematic cases that remain, or some
combination of the two.

Or perhaps even abandon the whole space as unworkable. I really don't want to
see this happen, but given the whole SPF v. senderid thing I think we have to
at least admit there's some possibility it will.

> I would support the aadition of some language to the charter saying that 
should
> a policy declaration mechanism be produced it must carefully discuss its
> intended scope and elaborate any issues that can arise with its use. But 
that's
> as far as I would go.

I'm not sure that that's needed, now that our current draft charter
contains the following:

    The DKIM working group will produce summaries of the threats that are
    addressed by the standards-track specifications, while acknowledging
    their limitations and scope.  The DKIM working group will also
    produce security requirements to guide their efforts, and will
    analyze the impact on senders and receivers who are not using DKIM,
    particularly any cases in which mail may be inappropriately labeled
    as suspicious or spoofed.

Point taken. I had forgotten about the "limitations and analysis" language
in there.

Though I guess we could extend that to say:

    ...analyze the impact on senders and receivers who are, or are not,
    using DKIM, ...

Or something similar.

I wouldn't object to such a change but I don't insist on it either.

                                Ned
_______________________________________________
ietf-dkim mailing list
http://dkim.org