[Top] [All Lists]

Re: [ietf-dkim] Collection of use cases for SSP requirements

2006-11-12 14:25:28

Jim Fenton wrote:
If you go to the message that Pat Peterson wrote that started this thread, that is exactly what some domains would like to do. They consider SSP to be helpful to counter phishing [Please, let's not re-open that question; it has been discussed to death] even if it is ineffective with look-alike domains and such. The requirement for the recipient to opt-in to have unsigned messages from their domains removed diminishes that perceived benefit greatly.

(I mean to post a thank-you to Pat for his note. That kind of market research is always helpful.)

Oddly, Pat's research adds an interesting challenge for the wg. End users state end-state goals.

They are not attempting to specify a path to achieve it.  That's our job.

Standards groups often try to specify all of a complex solution, because they are trying to respond exactly to the (imagined, perceived, or researched) end-user's description of what they want. It is what usually kills really interesting efforts, because the task is too complex, in its entirety, to do all at once.

So, I claim, our challenge is to take the end-user desire and figure out an initial deliverable that is as small as possible, while still providing real utility to the end-user, even if that utility is not a complete "solution" to whatever they have asked for.



  Dave Crocker
  Brandenburg InternetWorking
NOTE WELL: This list operates according to

<Prev in Thread] Current Thread [Next in Thread>