ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] SSP = FAILURE DETECTION

2006-09-11 13:26:15
from [Hector Santos] [Permanent Link] 

----- Original Message -----
From: "J.D. Falk" <jdfalk(_at_)yahoo-inc(_dot_)com>
To: "IETF-DKIM" <ietf-dkim(_at_)mipassoc(_dot_)org>


If the signature is good, then the recipient can A) send
feedback to the right place and B) use the senders reputation
to make decisions about delivery


But where was the acceptance criteria in the first place?
That it passed the DKIM test?


The acceptance criteria is completely external to DKIM -- Steve
labeled it as "B" in the portion you quoted above.

Why is this such a difficult concept?


Nothing at all, but reputation is out of scope.  Or is it?  Where is the
specification?  Whose reputation database are we suppose to use?   Yours?
John's?  The other system I just heard about with its own "DAC" concept or
even the one that Santronics might invest in producing?

I honestly wish that we are can be "men" enough here to admit what is the
precise debate going here.  We have a reputation out of scope WG mandate,
yet, we have a group that is winking their eye, saying "Sure, right!"

As I always said, reputation will be among us. Everyone has a White/Black
and many even use Grey now.  But we don't need DKIM to have this explicit
list of the good or bad.  Its a different level.

What SSP focuses on its the mechanics of the DKIM protocol, not a subjective
"Member only" concept, that a) isn't standardized and run the risk of having
different results based on what service bureaus you subscribe to, paid, free
or otherwise.

I think it is unrealistic to believe the wider market of receivers, not just
the selected high value few, are going to accept and tolerate DKIM abuse
that requires extra batters using non-standard methods and a requirement to
participate in one or more 3rd party databases to find out, purely based on
the 3rd party vouching system, if the mail is good.

I would rather add logic to my SMTP system to disseminate the non-compliant
bad first which by far has reached atleast 80% and just pass on the
indeterministic remainder to the administrator and users to decide what they
want.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] SSP and mailing lists, Thomas A. Fine
Next by Date:  RE: [ietf-dkim] SSP and mailing lists, Bill.Oxley
Previous by Thread:  Re: [ietf-dkim] SSP = FAILURE DETECTION, J.D. Falk
Next by Thread:  accept, deny, or other delivery decisions (was Re: [ietf-dkim] SSP = FAILURE DETECTION), J.D. Falk
Indexes:  [Date] [Thread] [Top] [All Lists]