I would not wait with an Overview document until SSP is ready for
prime time. I would encourage deployment of DKIM-base now so that
we can gain useful experience.
I sure hope that -overview is not looked upon as a necessary ingredient
for developing/deploying -base. Because I don't think it is.
In order to decide to deploy -base, one must understand not only its details,
but the context in which it is supposed to operate.
The -base document does not provide a general systems-framework for
understanding the role of -base, because that was not a goal for -base.
-overview provides that framework.
More generally, the deployment of security-related protocols has a long
history of being problematic. Understanding why and how DKIM is a credible
mechanism, in the face of that problematic history, also is not something
-base was intended to provide, since it is a specification rather than a
tutorial. On the other hand, -base does help with that understanding.
And so on...
Deployment is not a technical issue, so much as a management decision issue.
-Base is not intended to help decision makers or designers of the framework
into which DKIM will fit. The -Overview document is intended to help with this.
For anyone who is serious about wanting to get DKIM used, I would think that
they would want it used sooner, rather than later. Anything that will
facilitate the 'sooner' ought to be a straightforward choice.
In particular, I do not understand the idea of delaying something that can be
of significant use for early-stage -base adoption, and waiting for some
unknown moment in the problematic future, when SSP might eventually converge
and get approved.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html