On Feb 3, 2006, at 1:52 AM, Stephen Farrell wrote:
a) I would be very surprised if that text gained consensus due to
its serious lack of clarity (sorry to be critical, but there it is),
This was an attempt to consider how DKIM can be reasonably employed,
which should have started from an outline perhaps.
This was a strategy based upon these premises:
A) Recipients can not dependably recognize email-addresses
B) 'o=!' policy offers limited protection
C) Trusted domain lists are
a) safer
b) less expensive
D) Mail-filters, MDAs, or MUAs may mark messages for greater safety
E) Trust assessments of signing-domains
a) must be based upon encompassed content
b) must ignore envelopes
c) is independent of signature count
d) is very resource intensive and expensive
F) DKIM may not offer an assured email-address
G) Reputation assessments of email-addresses are not practical
H) Not all internal sources are trustworthy
I) Signing-domains should indicate internal trustworthy sources
J) Internally trusted sources from trusted signing-domains
a) limit the scope of white-listed acceptance
b) limit the conveyance of recipient "trusted" markings
K) Email-address sub-domain segregation is
a) disruptive
b) confusing
L) DKIM prevents the spoofing of sources
M) DKIM as a means to abate spam is perilous
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org