On Jan 23, 2008, at 4:36 PM, Dave Crocker wrote:
Michael Thomas wrote:
Actually, I don't think that Ellen's business model needs to change
all that much: she needs to have her customers delegate her a
selector so that she can sign on their behalf.
There's quite a bit of history in pursuing that alternative. It's
viable in some cases and infeasible in others.
While it makes sense to have the delegation, if the agent is
intended to get the mail delivered based on the reputation of the
author, it does not make sense if the reputation of the agent is
relevant.
Agreed. Efforts establishing a domain delegation or maintaining
customers' keys and selectors may greatly impede acceptance from a
business perspective. Security breaches of providers holding many
customer keys may further impede DKIM acceptance when wrong domains
are accused of signing abusive messages. TPA-SSP offers a solution
that benefits delivery with the reputation of either party, ensures
forensics will locate the culpable or compromised domain, without
altering normal DKIM signing operations.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html