On Apr 19, 2009, at 9:02 AM, Suresh Ramasubramanian wrote:
Email authentication helps recipients determine whether it might
be safe to run scripts, or whether it might be safe to click on
links contained within emails, or to accept any number of often
socially engineered threats.
No sorry. Reputation and reputational analysis of individual emails
- possibly but not entirely tied to authentication - determines that.
Unfortunately, without authentication, reputation that will always
miss a percentage and only keep inboxes from being overwhelmed.
If you go around comparing this to seatbelts on cars, that's a
staggeringly bad analogy.
While providers might like to declare email safe, those offering an
allusion of security with authorization, also eliminated evidence of
their involvement. A seat belt mandate would be analogous to a
functional security mandate.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html