J.D. Falk wrote:
On 2007-03-12 11:05, Steve Atkins wrote:
On Mar 12, 2007, at 10:34 AM, Wietse Venema wrote:
Tony Hansen:
However, I'd like to hear some discussion on the issue: Should we put
out a version now (without the SSP references), or hold off until
SSP is totally finished?
I would not wait with an Overview document until SSP is ready for
prime time. I would encourage deployment of DKIM-base now so that
we can gain useful experience.
+1
+1
We're also more likely to get DKIM widely deployed before there's much
real-world experience with SSP than after.
SSP is pointless if it scares everyone away from deploying DKIM at all.
It is totally ironic that there come could be two opposite viewpoints.
Of course, one of us is going to be proven wrong. :-).
I tend to side with the high probability that blindly signing MAIL in a
DKIM-BASE only manner (with no helper support, and I presume you are
just against SSP, not other kind of helpers, like DAC or some other yet
to be established reputation helper), will not only open the door for
DOMAIN reputation damage but make DKIM as useless as the NO POLICY DRIVE
DOMAINKEYS currently is in the wide public open market place.
If there is any proof that a DKIM-BASE only concept will be proven to be
worthless (not widely adopted across the board), all anyone has to do
is look are DOMAINKEYS.
I take the position that if this issues are known as they are today and
we fail to do something about it, then we acted irresponsibly.
--
HLS
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html