Frank Ellermann:
John L wrote:
This is the exact problem for PRA in the SIDF implementation.
Quite right. What would be the point in inventing yet another
authentication scheme that fails in all the same places that
SIDF and SPF do?
SPF has no problem with non-standard mailing list behaviour, it
doesn't look at (2)822 header fields From / Sender / Resent-*.
If you replace (Client IP Address) by (Valid DKIM Signature) then
the similarity between SPF and SSP can be quite striking.
Extreme application of SPF results in the rejection of mail that
does not come from the "right" Client IP Address.
Extreme application of SSP results in the rejection of mail that
does not come with the "right" Valid DKIM Signature.
It's really the same thing, at different layer in the OSI stack.
Or is it?
If all SSP were doing was to re-invent SPF at a different OSI
layer, then no progress would be made; we would only squander the
opportunity for better accountability that DKIM makes possible.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html