On 03/16/2006 00:35, Dave Crocker wrote:
This database that you insist is necessary for DKIM to be useful is
pretty well by definition a reputation system. So, if as you say a DKIM
signature has no value without a reputation system of some limited kind
and reputation is out of bounds, I guess I don't understand what you
think we are doing here?
creating an infrastructure.
Unless one is in the business of selling infrastructure I don't know that it
has any vlaue in it's own right.
(well, dkim also creates a bit of accountability, by my own view is that it
does not mean much without an assessment component, too. but as John
Levine noted, it can be a small, internal table of well-known
correspondents.)
OK, so absent a reputation system it creates a bit of accountability then?
if you think dkim has larger value, on its own, please explain.
In the long run, I don't know. In the short run, as I've said before, I think
the primary value is in highly phished domains using a restrictive SSP. That
gives me leverage to reject 'bad' messages. We've discussed this before, so
there's no need for yet another round of pointless fingerpointing on the
value of SSP.
I was just curious since you seemed to have a very limited view of the value
of DKIM without reputation.
BTW, I'm about to drop off line for a while, so don't read anything into lack
of responses for a bit. If it's still relevant when I get back, I'll reply
then.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html