ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] DKIM proposed charter tweak

2005-11-02 09:34:48
Would like to change the following 
"While the techniques specified by the DKIM working group will not
prevent fraud or spam, they will provide a tool for defense against
them by allowing receiving domains to detect spoofing of known domains."
to 
While the techniques specified by the DKIM working group will not
prevent fraud or spam, they will provide a tool for defense against
them by assisting receiving domains to detect spoofing of known domains.

allowing makes an assumption that it is guarrantied to work, assist gives a 
clear impression that its a tool that may work. 
thanks,
Bill Oxley Cox Communications

-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org on behalf of Barry Leiba
Sent: Wed 11/2/2005 10:30 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] DKIM proposed charter tweak
 
After some discussion with IESG/IAB folks, I have an update to the
proposed DKIM charter that I want to float here.  The change is to the
third paragraph, and relates to our not defining actions taken by the
verifier when verification fails.  The thought was, and I agree, that
while it's true that we want (need) to leave this up to implementers
and sys admins, it's not a good idea to have people just make it up,
without
some guidance and analysis.  So here's my proposed replacement for the
third paragraph in the proposed charter:

------------------------------------------------
While the techniques specified by the DKIM working group will not
prevent fraud or spam, they will provide a tool for defense against
them by allowing receiving domains to detect spoofing of known domains.
The standards-track specifications will not mandate any particular
action by the receiving domain when spoofing is detected.  That said,
with the understanding that guidance is necessary for implementers, the
threat summary should document a reasonable set of possible actions and
strategies, and analyze their likely effects on attacks and on normal
email delivery.  The DKIM working group will not attempt to establish
requirements for trust relationships between domains or to specify
reputation or accreditation systems.  
------------------------------------------------

Comments ASAP, please.

Barry

--
Barry Leiba, Pervasive Computing Technology  
(leiba(_at_)watson(_dot_)ibm(_dot_)com)
http://www.research.ibm.com/people/l/leiba
http://www.research.ibm.com/spam

_______________________________________________
ietf-dkim mailing list
http://dkim.org


_______________________________________________
ietf-dkim mailing list
http://dkim.org