Bill(_dot_)Oxley(_at_)cox(_dot_)com wrote:
DKIM has nothing to do with reputation, reputation providers may want to
use DKIM as part of their processing technologies but that is their
issue/point of failure. I want something that allows me to accurately
identify who decided to send me a piece of mail.
What I choose to do with that identification is internal to me as a
receiver.
Any negative assertions by the DKIM signer may be helpful for me to
classify the material I have received.
DKIM base provides the ability for you to determine who's handle a message
in transit just by the fact that it accrues signatures from the domains
it's passed
through who choose to sign. You don't need anything more to achieve what
you're asking for.
SSP goes beyond that and informs the receiver about the signing domains
practices
which also allows you to potentially correlate what to expect from the
author's domain.
Maybe the overall problem here is that we're conflating the information
service of
SSP and the correlation that a receiver might want educe from that.
Maybe we should say that
SSP is *only* about the practices information service of the *actual*
domain in
question. From that standpoint, it doesn't make much sense for that
domain to speak
of the practices of other domains -- that's their SSP record's job.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html