On Jan 24, 2006, at 10:23 AM, Jim Fenton wrote:
Hector Santos wrote:
I suggest we try to keep away introducing a reputation system into
the algorithm. It can always be added separately and
independently. But as a protocol, I don't think it will be widely
accepted for a few simple reasons - What Reputation System? Whose
Reputation System? What is the "Fancy System?" Will it become a
3rd party central repository? Will there be a buy-in fee?
Republicans vs. Democrats?, etc. It is going to be very hard to
justify further support when we now have to begin promoting 3rd
party A/R into our product lines.
I wasn't trying to introduce a reputation system into the
algorithm. I'm not even sure whether reputation or accreditation
will prevail when we get to that at some point in the future. The
questions you raise are exactly why we don't want to go down that
rathole.
There is a banal reality that needs to be accepted however. Bad
actors are capable of implementing a valid DKIM signature. Bad
actors are capable of obtaining an account within a large domain,
whether through compromised systems, wireless-access points, free
email-address accounts, subscriptions to list-servers, etc. This
also means the signature itself is prone to replay abuse. There is a
significant challenge ahead dealing with these issues without being
blind to reasonable solutions. While a community list offers less
administrative effort, the same approach may apply to private efforts
made by the administrator. There are solutions, but yes they will
likely involve some type of reputation being applied. There are
companies willing to offer something like a DKIM-Adopters-List as a
free service. Creating a list should not be seen as a difficult
obstacle.
DKIM does offer value beyond providing an identifier that is closer
to the source of a possible problem. DKIM can allow the recipient to
recognize the source of their correspondence and know when a source
changes. This does not require the application of any type of
reputation and may well depend upon out-of-band information found
within the message as a method to safely identify the source.
Any expectation that SSP offers value is based upon the expectation
that the recipient can visually recognize the sender by what is seen
with the MUA. There are many reasons to doubt that this is either
safe or sensible.
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org
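The source-recognition idea in Doug's message (a recipient noticing when the signer behind a correspondent changes, without consulting any reputation or accreditation list) as an added example that is not part of the original thread: a small Python tracker that records the verified DKIM d= domain per From address and classifies each new message as first contact, a known signer, a changed signer, or an unsigned message from a sender who used to be signed. It assumes the receiving MTA has already verified the signature (the verifier's pass/fail result is passed in; key lookup and cryptographic checking are out of scope), and every message, address and domain below is constructed for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Matches the d= tag in a DKIM-Signature header value (a tag=value list).
_D_TAG = re.compile(r'(?:^|;)\s*d\s*=\s*([^;\s]+)', re.IGNORECASE)


def signing_domain(raw_message):
    """Return the lowercased d= domain of the first DKIM-Signature, or None."""
    msg = message_from_string(raw_message)
    sig = msg.get("DKIM-Signature")
    if not sig:
        return None
    m = _D_TAG.search(sig)
    return m.group(1).lower().rstrip(".") if m else None


def sender_address(raw_message):
    """Return the lowercased addr-spec of the From header ('' if missing)."""
    msg = message_from_string(raw_message)
    return parseaddr(msg.get("From", ""))[1].lower()


class SourceTracker:
    """Remembers which verified signing domain each correspondent has used.

    No reputation data is consulted: the only question asked is whether the
    signer behind a From address is the one this recipient has seen before.
    """

    def __init__(self):
        self._history = {}  # from-address -> set of signing domains seen

    def observe(self, raw_message, signature_verified):
        """Classify one message.

        `signature_verified` is the upstream DKIM verifier's result for the
        message's signature (assumed to be supplied by the MTA; not computed
        here). A failed signature is treated exactly like no signature.
        """
        sender = sender_address(raw_message)
        domain = signing_domain(raw_message) if signature_verified else None
        seen = self._history.setdefault(sender, set())
        if domain is None:
            # A sender who has always been signed suddenly arriving unsigned
            # is itself a change of source worth surfacing to the user.
            return "unsigned-from-signed-sender" if seen else "unsigned"
        if not seen:
            seen.add(domain)
            return "first-contact"
        if domain in seen:
            # A replayed copy of a genuinely signed message lands here too:
            # a valid signature says nothing about who re-sent it.
            return "known-source"
        seen.add(domain)
        return "source-changed"


def _msg(from_hdr, d=None):
    """Build a constructed sample message; hash and signature values are dummies."""
    lines = ["From: " + from_hdr, "To: carol@example.net", "Subject: test"]
    if d:
        lines.append("DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=%s; s=sel;" % d)
        lines.append("\th=from:to:subject; bh=dummyhash=; b=dummysig=")
    return "\n".join(lines) + "\n\nbody text\n"


# Constructed traffic (not real messages), with the verifier result for each.
SAMPLES = [
    (_msg("Alice <alice@example.com>", "example.com"), True),
    (_msg("Alice <alice@example.com>", "example.com"), True),
    # Someone else's domain signs a message that claims the same From address.
    (_msg("Alice <alice@example.com>", "freemail.example"), True),
    # Signature present but the verifier rejected it.
    (_msg("Alice <alice@example.com>", "example.com"), False),
    (_msg("Bob <bob@example.org>"), False),
]


def run_demo():
    """Feed the samples through one tracker and return the classifications."""
    tracker = SourceTracker()
    return [tracker.observe(raw, ok) for raw, ok in SAMPLES]


if __name__ == "__main__":
    for (raw, _), verdict in zip(SAMPLES, run_demo()):
        print("%-28s %s" % (sender_address(raw), verdict))
```

The tracker deliberately keys on the From address the user sees and the d= domain that actually signed, because that pairing is what changes when an account in a large domain is abused or when a message is injected through an unrelated signer. It cannot catch replay of an unmodified signed message, as the comment in `observe` notes; that is the limitation Doug raises, and no per-sender history fixes it.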