Doug,
Douglas Otis wrote:
On Mon, 2006-08-28 at 12:04 +0100, Stephen Farrell wrote:
Folks,
I think we've done the delegation debate sufficiently that we
can, and should, sit back and think about it for a while (i.e.
stop typing for a bit:-). For now, maybe best would be for Mike
to ensure that the -01 requirements draft has sufficient mention
of the issue, that we don't forget to come back and resolve it in
a bit.
Rather than calling a solitary policy flag "I sign everything", this
flag would be better described as "I am being phished". The use of this
flag will come to represent a dire situation as it will also likely
induce a myriad of delivery issues. As such, this policy might be
published by only a small portion of the overall domains.
A rare policy will expend greater efforts searching each 2822.From for
policies up name trees that in the end are unlikely to exist. Even if
DKIM were being used, the suitable default is implied when nothing is
published. A repository listing phished domains would likely gain
greater adoption and consistent use by DKIM verifiers. This repository
could identify those being phished as well as their look-alikes.
So I ask that we sit back and not prolong the thread and you respond
with this...I don't know what it is actually, since I can't extract
anything meaningful from the above.
If you have a new, relevant, SSP-requirements related issue, that *you
can state in a way that we can understand*, then go ahead and start a
new thread. Otherwise, please say nothing for a bit.
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html