On 5/10/2010 11:13 AM, Rolf E. Sonneveld wrote:
The problem
with broken signatures is that people will not buy into a technology
(DKIM) if it will not cover a significant part of their e-mail.
They will not buy into a technology if its performance does not match their
expectations. That's a very different statement from yours. It leads to focus
on both expectations as well as performance. One of the problems, here, is with
having expectations that do not match the goals and nature of the technology.
This is probably primarily due to believing that DKIM is saying something about
the validity of the From: field, which it doesn't.
Another mismatch is believing that the absence of a DKIM signature means
something, which it doesn't.
If the expectation is: The presence of a valid DKIM signature, means that I
have a reliable and accurate identifier I can feed into a reputation engine,
then people will be happy to adopt it.
I've started doing a little experiment during DKIM presentations. (Twice, so
far, with another planned in June.
1, I ask the audience what they think DKIM does; a few responses are
offered.
2. I then put up a slide that lists things people might often think that
DKIM does. So far, responses from the audience have been a strict subset of
the
list I put up.
3. I then tell the audience that only one item on the list accurately
describes DKIM's function.
4. I then ask them to get which item it is. They shout out some more
guesses. They are usually wrong.
Here's the list I've been using. See if you know which item is correct and
understand that all of the other items are /not/ what DKIM does:
* Means a message is not spam
* Guarantees delivery
* Puts a domain name on a message
* Validates a message
* Authenticates the author or origin of a message
* Authenticates the sender of a message
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html