ietf-dkim
[Top] [All Lists]

[ietf-dkim] SSP focus

2005-11-11 16:15:21
Folks,


Having said all of that, I am at a complete loss as to much of this
debate. If SSP isn't formalized in this group then you can be certain
that bi-lateral or non-standard forms will emerge in parallel to
DKIM. Those "select" domain - and we large service providers - view
this component as too integral to authentication to forgo.

My reading of the activity on the list is that it is more about what to formalize first, than whether to formalize anything.

I suggest that we should choose exactly one sender practice to formalize first, and defer all others. This will allow discussion to be extremely focused and maybe even allow us to get a practise published quickly.

Of course, the *framework* for recording this practise in the DNS certainly needs to be extensible...

And, also of course, once the first is issued, we can pursue all sorts of additional formalizations.

The first practise should be simple. It also should be trivial to understand and should have immediate and broad utility.

The best candidate is a flag that says: "the domain associated with the From field signs all its messages."

d/

ps. This is relevant to the charter, in terms of describing the SSP deliverable narrowly.

pps. I believe quite a bit of confusion and distraction is caused by our using the word "policy". It encourages people to think in terms of grand strokes of organizational decision-making. Something more modest, like "practise" might limit the overblown reactions we have seen to this effort to allow signers to indicate how they do things.

d/
--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
ietf-dkim mailing list
http://dkim.org