Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion
2010-05-10 13:55:27
John R. Levine wrote:
No, all it says is "we signed this mail." A signer with a good
reputation will presumably rarely sign mail where the From: address
actively misidentifies the sender, but that's a second order effect.
Right, and because the domain owner has signed the email, they can be held
responsible for abuse. At least, to a greater extent than when the mail
hasn't touched any system that they have any control over.
It is certainly reasonable to say that the signer has a good reputation,
so we will accept his mail. But that's different from saying that the
signer has a good reputation, so the From: address must be "real".
Once again, this sounds like a solution searching for a problem. I've
done the occasional bozofiltering in mailing lists, but because the
people were bozos, not spammers.
The problem is reputation assignment. Different recipients (of mail from the
same list) will have different views of the sender's reputation.
But, the problem is real, and recognised. Mailing lists break signatures.
It is certainly a fact that mailing lists break signatures. But there are
differences of opinion whether it's a problem. Although I've seen plenty
of assertions that it's a problem, we're a bit thin with real life as
opposed to hypothetical scenarios where the broken signature leads to bad
results.
Apart from ADSP rules, a broken signature must be treated as if there
was no signature at all. That in itself is not the problem. The problem
with broken signatures is that people will not buy into a technology
(DKIM) if it will not cover a significant part of their e-mail. If the
problem of MLM's breaking signatures can be eliminated, can be solved or
(more likely) can be made smaller than it is now, this may lead to more
willingness to adopt DKIM as basis for further steps (like reputation
services). And the more DKIM is adopted and deployed, the more useful it
becomes as basis for further developments.
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, (continued)
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Ian Eiloart
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John Levine
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Ian Eiloart
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John R. Levine
- [ietf-dkim] Recent discussions, Stephen Farrell
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Ian Eiloart
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John R. Levine
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion,
Rolf E. Sonneveld <=
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John R. Levine
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Steve Atkins
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Brett McDowell
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Steve Atkins
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Ian Eiloart
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, MH Michael Hammer (5304)
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Brett McDowell
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Brett McDowell
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, John Levine
- Re: [ietf-dkim] list vs contributor signatures, was Wrong Discussion, Michael Thomas
|
|
|