ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] SSP sender expectations

2007-12-04 06:59:24
from [Hector Santos] [Permanent Link] 
Patrick Peterson wrote:


Not to speak for Scott K but I do not believe he was saying senders
expected certainty about internal filtering. SSP explicitly says this is
not the case.

Here's my spin:
As a sender the ability for me to state my desired (NOT DICTATED)
receiver policy increases the likelihood that this policy will be
considered and honored.
Senders that cannot state a desired (NOT DICTATED) receiver policy are
guaranteed such a policy will not be considered nor honored.

I desire a SSP that allows senders to state strict/deny. I care not a
whit what others do with such a policy but I feel it is beneficial
because senders want to state such policies and I can build a better
receiving system that takes it into account. Why should this be withheld
from the Internet because others think it's not useful for them?
+1. It really can't be that simple? Could it? I mean, why would I bother to the extremes of processing a DKIM header/body if the end result is indeterminate? Its like getting a gun without bullets!
Mr. Levine is correct about one thing - SSP has been made overly complex to the point it is pretty a sure bet it is guaranteed to fail (not pass IETF certification). 

In theory, there is two fundamental ideas here:

     - You sign, you expect me to check, you get judged!

     - if you don't sign, and you want me to check a policy
       and find that you were supposed too, you get judged!
But once you watered it down, then you begin to reduce the payoff and worth of the system. It becomes only beneficial in specialized operations with a high potential of abuse outside that specialization. 

Oh..

PS: SSP does not dictate receiver behavior  :)

and the irony is that raw DKIM *does* dictate receive behavior!
The Receiver either processes DKIM or it doesn't. But if it does, there is a militant inherent policy of "Ignore if Failure." Forget that it was ever signed.
IMO, this inherent DKIM policy defies logic and this makes SSP even harder to work out. It is the #1 flaw of the system and in my book, possibly the ultimate consideration if DKIM will become widely adopted or not. It policy, done to appease the mailing list people, will continue to be a thorn on DKIM's side until it is resolved or addressed by some means. 

--
Sincerely

Hector Santos, CTO
http://www.santronics.com

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01), Charles Lindsey
Next by Date:  Re: [ietf-dkim] SSP sender expectations, Hector Santos
Previous by Thread:  RE: [ietf-dkim] SSP sender expectations, Patrick Peterson
Next by Thread:  Re: [ietf-dkim] SSP sender expectations, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]