ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] portable reputation

2008-05-29 09:24:58


John Levine wrote:
One thing we hear a lot about in other contexts is reputation
portability.  If paypal were to create a new service, it would want
to borrow from its reputation.  
...
Reputation portability is indeed important, but I don't see why one
would want to implement it by default fuzzy domain matching, with all
the phish vulnerabilities that opens up, particularly when DKIM
already provides straightforward workable ways to do it.


Eliot,

Typical discussions about reputation portability have been based on use of IP 
Addresses.  The need for portability is due to being forced to use different 
IP Addresses.  Using domain names as identifiers changes the entire game. For 
one thing, it permits the reputation to be based on a far more stable 
identifier.

To whatever extent we want reputations to be able to be "portable" we need to 
make sure it does not conflict with desires to keep them separate.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html