ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Notes from DKIM jabber meeting on 20 April 2006

2006-04-21 21:22:46
Sandy Wills wrote:
   Let's say that your grandmother, somewhere in the US, sent her
daughter (your mother) a letter at her newlywed house sometime in late
1941.  

I love analogies, so let's extend this one a bit.  If her daughter
received thousands upon thousands of pieces of junk mail, some of which
used fake postmarks to gain attention, others of which use her
grandmothers' name, how would her daughter even know that the letter was
real or worth her time?  If someone thought she would open it, then
they'd mimic that behavior as best they could so that their junk could
get read.

On the other hand, I think only experience is going to dictate good
practice here.  I doubt I would want to yank my keys for a message only
seven days after transit.  I suspect I'd want people to be able to
verify my messages for several months, if possible.

And one of the reasons I say this is that I'm not comfortable with a
secure means of communication between then POP/IMAP server and the MUA,
and so again I think some experience is needed, as well as some
additional extensions.  Many of the schemes used require stripping of
headers on "final delivery" or upon entry into the recipients'
administrative domain.  I'm not a fan.  An MUA needs something more
concrete.

Anyway, I think we'll get there based on our experiences.

Eliot
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html