On Sat, 2006-02-11 at 11:42 -0800, Dave Crocker wrote:
The power of the current, simple 2-state model cannot be
overestimated, in my opinion. We need to keep in mind that this is a
mechanism for transit validation, rather than something with broader
scope.
There are myriad, clever enhancements that could be made to DKIM's
functionality. We need to firmly resist the temptation to pursue any
of them at this stage... unless there is a compelling argument for
*immediate* community need.
After the first IETF version of DKIM is issued as a standard, we can
consider all of those fascinating enhancements.
Right now, the urgency is for a basic, standard mechanism that works.
Agreed.
Threat analysis should not be as constrained, however. Noted problems
and possible defensive strategies may help ensure future options are not
circumvented or otherwise prevented. This may also set the proper
expectations for what DKIM can and cannot safely provide. Until the
limitations and defensive strategies for DKIM are better explored,
implementers may not have anticipated the impact and become
disappointed. Working out the problems within the WG, at least on
paper, also seems to ensure these solutions can remain in the public
domain.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html