Michael Thomas wrote:
Any sort of analysis needs to keep in mind that although SSP thwarts
a relatively narrow set of attacks in and of itself, it could well
be useful in conjunction with various phishing filtering heuristics,
reputation, and the like which are all outside of the scope of SSP.
Not taking that into account -- or ruling any such possibilities out
of scope -- is an unfair and impossible barrier for *any* protocol the
IETF might produce.
Yup. An analysis which makes these details concrete would permit consideration
of the actual long-term benefit of the mechanism.
It would be nice to have concrete details.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html