Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving

ietf-dkim

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side

2009-10-12 22:27:23

from [John R. Levine]

[Permanent Link]

  [ this is also well trodden ground, so I will again try and keep this short ]

Short summary: DKIM and ADSP offer no meaningful defense against spoofing.

Shorter summary: The WG charter says there should be


Yes, there was considerable naive optimism in the charter.

We all agree that it would be great to have a scheme to spoof-proof mail. 
But ADSP isn't it, for the reasons we've all gone over, no matter how much 
we might wish that it were.

* At this point, the only significant spoof targets that sign all
their mail are Paypal and ebay.


Who notably haven't deployed ADSP despite their strong business case.


I can assure you that Paypal and eBay are quite aware of DKIM and ADSP, 
and I have personally heard them encourage ISPs to drop unsigned mail 
purporting to be from them due to the amount of forgery.  Nonetheless, 
they don't publish ADSP.  This tells me that I'm not the only one who 
thinks that there isn't a business case for ADSP.

R's,
John
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP), (continued) Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP), Dave CROCKER Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP), Michael Thomas Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP), hector Re: [ietf-dkim] Resigner Support of RFC 5617 (ADSP), hector [ietf-dkim] Is anyone using ADSP?, John Levine Re: [ietf-dkim] Is anyone using ADSP?, hector Re: [ietf-dkim] Is anyone using ADSP?, Suresh Ramasubramanian Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Daniel Black Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, John Levine Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Daniel Black Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, John R. Levine <= Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, hector Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Steve Atkins Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Dave CROCKER Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, hector Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, hector Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Ian Eiloart Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Steve Atkins Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Dave CROCKER Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, hector Re: [ietf-dkim] brand protection, was Is anyone using ADSP?, John Levine

Previous by Date:	Re: [ietf-dkim] The mailing list argument, was Resigner Support of RFC 5617 (ADSP), John Levine
Next by Date:	Re: [ietf-dkim] The mailing list argument, was Resigner Support of RFC 5617 (ADSP), hector
Previous by Thread:	Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, Daniel Black
Next by Thread:	Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side, hector
Indexes:	[Date] [Thread] [Top] [All Lists]