On Dec 22, 2005, at 4:50 PM, Mark Delany wrote:
The DKIM proponents are saying they want something close to the
current spec as they think it will work, they think it solves their
need and they think they can deploy it. I think it's fair to say
that most of the DKIM proponents have not come to this conclusion
lightly.
The not-DKIM proponents want something better, for some value of
"better". What the not-DKIM proponents have failed to do is
identify who wants their "better" or who will deploy their
"better". In other words, why is it really "better"? Apart from
esoterics of course.
Three approaches to challenging the DKIM proponents are to
a) question their competence
b) question their diligence in arriving at their proposal
c) convince them that "better" will improve their market-share.
If I can be presumptuous Eric, I believe you're targeting c). If so,
can you elaborate?
Adoption will suffer due to inordinate lookup requirements at the
receiving MTA. Every message must perform multiple lookups to
discover closed-policies found for a fractional percentage of the
email-domains. Relief from abuse requires reputation services. For
reputation services, solutions for abusive message replay must be
found. The current draft also lacks solutions in this area as well.
The only discernible strategy seems to shift accountability onto the
often hapless email-address domain owner, rather than the DKIM
signer. Note who should receive the complaints.
Being in favor of DKIM as a means to enhance the SMTP transport does
not extend to the SSP draft where many at the last BOF suggested this
mechanism had several problems. Adopting a recognition strategy
offers a reasonable solution and there are other possible solutions.
The clearly broken solution is the SSP draft however.
Issues related to the use of a CERT RR would be examples of
engineering that may depreciate some of the existing
implementations. Changes in hash functions, signature options,
defined roles, or limiting the number of signatures are areas where
changes must occur with little guidance from the existing drafts.
I assume you meant adoption, but perhaps I should ask what market-
share means to you?
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org