Doug,
Douglas Otis wrote:
On Jan 14, 2006, at 11:33 AM, Stephen Farrell wrote:
The concern is not about leveling the playing field, but rather not
giving the large domain a powerful club with which to beat the heck
out of smaller domains. This requires avoiding any reason or excuse
for an open policy to be published.
I don't get your logic there. What is the relationship between domain
size and SSP that gives rise to a (technical) threat? I don't believe
there is one.
a) The severity of the threat of being held culpable for an open-end
policy reduces as the domain size increases.
Ok. So this is purely subsidiary to your point about open policies
being unfair. I understand now. As I'm not convinced that that point
represents a valid threat I personally don't think that this one
warrants mention either.
When the signing/email domains don't match and "some legitimate
messages are not signed or are signed by others" policy is
discovered, how does this relate to what messages are conformant?
That's up to the verifier and not in scope of threats. We might want
to discuss a bit when it's time to do SSP, but absent any demonstrated
threat, it's definitely for later I believe.
Contemplating how DKIM may be implemented is beyond consideration?
(Feel free to be contemplative! I'd imagine that involves less typing:-)
If you have some precise, realistic scenario to propose that's ok. But
I for one won't answer inexact open questions such as the above since
I'm not interested in prolonging this thread - which would be the
inevitable consequence of attempting an answer. No thanks.
I think we're done on this in terms of being productive, so I suggest
we give people a chance to catch up, and Jim a chance to get another
revision out (as he's asked).
Stephen.
_______________________________________________
ietf-dkim mailing list
http://dkim.org