Scott Kitterman wrote:
On Friday 25 August 2006 17:48, Jim Fenton wrote:
While we aren't defining reputation or accreditation services in this
working group, it has been widely suggested that such services would use
the d= domain on the signature as the "lookup key" for retrieving
reputation or accreditation information.
Yes and IIRC, in the discussions about DKIM-base it was largely assumed d=
would point to the operator's domain.
I don't recall that at all. Yes, signing would normally be done by the
operator (I think I have the terminology straight on this...) but I
believe we were referring to the operator of the domain that the author
belongs to (in the case of an origination signature).
Some implications of this change in responsibility:
1. Responsible domains using SSP delegation will not be able to change
signing providers (delegatees) without forfeiting any positive
reputation they have accumulated. It should really be the delegator's
positive reputation, because they are the ones acting responsibly in
their mailing practices and/or the use of outside mailing providers. It
should not be necessary to start over if you change ISPs or outbound
marketing providers.
I can see this going either way. In the end the operator controls what goes
out and what doesn't. Both the author domain and the operator domain can
allow bad things to happen. Only the operator is in a position to be
assured of preventing them.
I'm pretty sure I have the "operator" terminology messed up, then.
-Jim
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html