Wietse Venema wrote:
In my opinion, as one of the authors listed on the ASP draft, SSP-02
is close enough in spirit to ASP that I could live with either.
The protocol is extensible. Let's gain experience with this basic
protocol and let experience teach us where extensions will be useful.
What experiences are you looking for? What are your goals? Do you
really think people want to repeat this process again?
As engineers, I would like to believe that we are still capable of
having intelligent foresight and know-how of our products and operations
working; what dangers, the loopholes, the benefits and problem areas and
what I would venture with almost near certainly many property domain
owners globably will desire greater protection again forgery.
With this watered down specification, it has all the markings for 3PS
exploitations - a clear violation of a domain wanting strict controls.
Unless everyone uses DKIM=DISCARDABLE, the idea that DKIM=ALL will trump
these 3PS violations is something I think you are wrong about, and thats
an engineering opinion based on practice - not a wishful guess.
At least SSP-01 allows for the possible of 3rd party signatures. This
new version intentionally has no insight on 3PS.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html