[Top] [All Lists]

Re: [ietf-dkim] SSP is the Sender Signing Practices, not the Sender's accreditation

2006-11-09 10:21:05

On Nov 9, 2006, at 8:34 AM, wayne wrote:


As Wiestse recently said, much of this discussion has been gone over
many times and already archived.  From what I can tell, he seems to
think this all implies that the usefulness of SSP has already been
discussed and dismissed, and is wondering why these points are being
raised again.  I see just the opposite, I see it as having been
discussed and understood where it can be useful and am wondering why
these points are being raised again.

Several others have cast doubt on the usefulness of SSP because it
doesn't solve the phishing problems, especially the look-alike domain
stuff.  I see this as being a red-herring.  SSP is not designed to
solve the phishing problem.

Yet that is the use case that seems to keep coming

What is the real use case for SSP, in your opinion?

Not an abstract "well, the sender says they sign mail
and this mail isn't signed, so it's bad" sort of thing, but an
actual real-world example.

I think that would go a long way towards shining
some light on the goals, the current state and the
spaces between them.


NOTE WELL: This list operates according to