J D Falk wrote:
Wietse analogized:
DKIM and SSP have no more "enforcement" power than broadcast radio.
You don't know who "receives" the signal and you certainy can't force
them to do anything with it.
With the DKIM and SSP broadcast model, you can define the format
>> of the signal and its meaning. That's all. If you want to
>> control the receiver and "deny" mail, then you need a
>> fundamentally different model.
The same could be said about email today, yet there's an entire industry
built up around senders of email trying to convince receiving sites to
treat their messages in particular ways. Senders of email /want/
certainty, and what we've seen so far is that they'll leap on even the
slightest hint that they're about to get it. SSP will be no different.
On the other side, many potential implementors really really want to
know that they can reject all unsigned mail from a particular domain.
Seems to me that that's the important part here. I'm not sure anything
else is going to matter.
+1, thank you.
I just wish the note, it isn't the idea of rejection per se, but rather
dissemination - i.e, getting a better handle of what is being received
to assist in any classification process.
If receivers are expected to go to the expense and extremes of adding
the overhead to watch and process DKIM messages, there must be a payoff,
a reason to justify it all. Conversely, the same is true for senders.
If they are going into the expense and extremes of carefully signing
their mail which now comes with some new ambiguous "responsibility" (not
to be taken lightly) they too would want to have a payoff behind it all.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html