ietf-dkim
[Top] [All Lists]

RE: [ietf-dkim] How to reconcile passive vs active?

2006-08-07 15:19:08



-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org on behalf of Damon
Sent: Mon 8/7/2006 3:34 PM
To: Michael Thomas
Cc: DKIM List
Subject: Re: [ietf-dkim] How to reconcile passive vs active?
 
Here is the scenario:

My CEO calls me and says, "I sent an email to the SEC and they never got it!"
"was it important?"
YES!
"then you should have sent it overnight return receipt requested via US mail, 
email is for non critical communications"
I thought electronic communications is the future!
"Well EDS, WLNP, WLP and other methods are indeed, email is not"
WHY NOT!
the infrastructure is there but the Policy of messaging exchange is not"
By the way did you sign the request for the autogyro megapipe?
"What the heck is THAT?"
I need it for the automated biradial contact device Im experimenting with
mumble......


- I tell him to hang on whilst I check the logs (and I finish my bagel)
... "We are showing a successful delivery. I will get hold of the
postmaster at the SEC an figure it out."
So I spend half a day trying to get the right schmuck on the phone and
another half a day trying to convey the urgency. (Like he/she cares
right?)
I call back my CEO who is pacing his office rug...
"Sir, it seems that they deleted our email because our sig was munged
and we have a 'I Sign All' policy"
"WHO told you to put in that policy?!" he pants.
"You did sir. Remember last year... you saw it in NetworkingWorld and
thought it was a good idea" - quickly reading off my CYA notecards.
"Well how do we FIX it?!" - My CEO now thinking I am a <editted> and
tossing my SVP paperwork in the circular file.
"We turn it off sir." Hearing the shredder and knowing in my gut what
he is shredding.
"DO IT (you ...... indistinguishable muttering)"
"Yes sir, but please be advised that we have our TTL's set kinda
longish.. it will be at least a day"
"... more indistinguishable muttering.. *click*"

- several months go by -

"Sir, my SVP wants to turn 'I sign all' back on. but I don't think we should."
- Suddenly my SVP paperwork is back on the desk and my VP is sorting
*real* mail.


I don't want this to happen to me.
Also, the first time it happens will likely be the last too.

I will concede that the strong "I sign all" is ok for transactional
message coming from the guys that get phished all the time... but I
would like to continue looking at something smaller than the nuclear
option.


Regards,
Damon Sauer


On 8/7/06, Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:
Steve Atkins wrote:

A lot of the controversy about SSP is based on
false positives - mail that was signed when sent but is not
signed when received.

I know that various people have been looking at the cases where
that can happen, but I don't recall seeing any quantitative
results presented. If they have been, could someone point me
at them?

It's not just quantitative, but qualitative. Quantitatively, we're seeing
about 2% breakage through lists or so. Qualitatively, there's nothing
that we can do to make that zero, and as a given user through a
given piece of list software, the quantity may be 100% (Y! groups
seems to be one of those). Will these cause cases to be opened with
IT? Sure seems like it to me. Do IT folks like new cases opened for
acceptable behavior? Not that I've ever seen, especially when they
don't have a way to resolve it.

      Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>