Eliot Lear wrote:
Mike,
I think it depends on the prevalence of DKIM and the parameters of the
reputation service, which is out of scope and cannot be standardized.
I'm not suggesting it's in scope for anything here, just that as a _threat_
it's akin to any other kind of threat of people doing something Really
Stupid(tm).
And, as well all know, an infinite number is impossible to enumerate. In
this
particular case, it would be the threat of somebody in the business that
really
ought not be if they can't understand why this the wrong behavior.
If this belongs anywhere, it's in a BCP.
Mike
Eliot
Michael Thomas wrote:
Stephen Farrell wrote:
If a domain owner publishes an open policy, and if some "bad"
unsigned messages apparently emanate from that domain then the
domain owner's reputation may suffer.
Why would any rational reputation system make such an assertion?
It is as stupid as holding domain holders responsible in the
absense of dkim or some other identification mechanism: the
domain holder has no way to prevent it. If this is a threat,
then so is "receivers may trash DKIM-signed messages just because
they feel like it", which is true but useless.
Mike
_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________
ietf-dkim mailing list
http://dkim.org