----- Original Message -----
From: "Jeff Macdonald" <jmacdonald(_at_)e-dialog(_dot_)com>
To: <dcrocker(_at_)bbiw(_dot_)net>
Dave,
Thanks for the response. So just implementing
http://mipassoc.org/dkim/specs/draft-allman-dkim-base-00-10dc.txt
without SSP is considered a valid DKIM implementation?
For the list IETF record, If true, I believe quite strongly, with the
hat of a senior software engineer, find this highly irregular premature
promotion of an unsafe non-standard.
If Steve Atkins assertion is true and early adopters will be bulk
mailers and distributors, just consider the impact that it will impose
of SMTP receivers who will undoubtedly find issues with guaranteed to
occur mix policy exploits with no SSP verification protection. Systems
will take matters into their own hands, ignore it or use DKIM signed
mail against the bulk mailers thus reducing DKIM to yet another wasted
bandwidth contribution to the net. Worst, advanced derivatives that
secure DKIM protocol will surely emerge.
In my opinion, any good actor member of the bulk mail community or DMA
will be risking their reputation and mail distribution operations with a
DKIM only concept.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
ietf-dkim mailing list
http://dkim.org