ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Re: Attempted summary

2006-01-24 17:25:09
from [Jim Fenton] [Permanent Link] 
william(at)elan.net wrote:

Jim,

What I actually saw (and granted I did not had enough time to participate
and read-all posts last week) especially from Stephen's summary is
confirmation of what I thought was true of DK is also true of DKIM -
i.e. that it can not handle mail lists well. I firmly believe that
without being able to handle mail lists the SSP component as you call
it would not be something that everyone wants to adapt (especially
since you're proposing to do it all on per-domain basis and [non]use
of mail lists
is largely per-user decision where as for entire domain, typically at
least some others are using mail list). It is unfortunate that due to
how some IETF activists bypassed MASS, the situation is such that we'd
not be able to solve the forgery issue and best you'd achieve is some
value for use with ever more complicated spam filters.

"Adopting" SSP [I assume you mean adopt rather than adapt] is different
from publishing a very restrictive SSP record.  While a lot of domains
might want to publish policies prohibiting third-party signing and the
like, only a small number of domains really use email in a manner that
permits this.  It's still worthwhile to have for those originators that
don't use mailing lists.

In the current -ssp draft, there is an option to extend SSP to
individual addresses.  It has significant overhead, however, and I'm
uncertain as to whether it's a sensible tradeoff between overhead and
functionality.

I don't know how "bypassing MASS" prevents us from solving technical
issues with DKIM.  If you have a specific suggestion (preferably one
that is within the group charter), please propose it.



I wasn't trying to introduce a reputation system into the algorithm.
I'm not even sure whether reputation or accreditation will prevail when
we get to that at some point in the future.  The questions you raise are
exactly why we don't want to go down that rathole.


If you assume that reputation & accreditation would not prevail the value
of DKIM evaporates almost entirely.

I think this depends on what you think the value is.

-Jim
_______________________________________________
ietf-dkim mailing list
http://dkim.org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [ietf-dkim] New Issue: Introduction lacks the introduction of SSP, Bill.Oxley
Next by Date:  Re: [ietf-dkim] Re: Attempted summary, william(at)elan.net
Previous by Thread:  Re: [ietf-dkim] Re: Attempted summary, william(at)elan.net
Next by Thread:  Re: [ietf-dkim] Re: Attempted summary, william(at)elan.net
Indexes:  [Date] [Thread] [Top] [All Lists]