ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] The mystery of third party signatures

2009-10-07 16:40:36
Mike says...
All of this is rather academic though: the big guys are signing now because 
they can
find some biz justification to do so. Until that biz justification percolates 
down,
it doesn't really make much difference what we do. When it does, the DNS 
"problem"
will evaporate.

I think this is really the bottom line.  Deployment difficulties and
delays always show up with new things.  If the new thing becomes
popular, the difficulties go away, and we wonder why we ever had
trouble with them.

S/MIME has been brought up as an example of the difficulty, and it
actually helps show how this works: there isn't much trouble with
S/MIME any more, not directly.  Most mail programs support it now
(alas, not Gmail), and the level of interoperability is good.  The
trouble now isn't with S/MIME, but with certificate distribution and
management.  There's also very little need for most people to use
S/MIME with most of their email.

DKIM replaces the problems of key management and distribution with DNS
management issues.  Service providers should be used to dealing with
DNS, so these problems should, as Mike says, get sorted out when the
providers see enough of a reason to use DKIM.

I'm not in favour of complicating the protocol, when we can do what we
want to do with what's there.  I'd really need to see significant new
use cases to drive any major change here.

On the other hand, I'd see nothing wrong if someone should want to
write a draft about mailing-list considerations, and propose it as a
working group item.  But I'd want to see it as a draft that we can
review, not just as a few ideas in an email message.

Barry, as participant
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html