On 5/26/10 2:04 PM, Scott Kitterman wrote:
> I don't know of a way to do that which doesn't require a trust relationship
> with the mail list provider. If you have such a relationship then it's
> relatively trivial to just not bother with ADSP checks for mail from such
> lists.

Agreed. Author Domains use "all" or "discardable" to help recipients
deal with any number of bogus messages. Since Author Domains may have an
interest in retaining trust, domains should also be able to indicate
their relationships with third-party services unable to furnish
Author-Domain signatures. Perhaps ADSP "all+tpa" might better signal
such an extension of trust. Clearly, mailing lists represent reasonable
examples of where sharing DKIM keys represents an impractical solution.

> I'm left not knowing what advantage there would be from a more complex
> standardized approach.

A conservative domain would retain trust by limiting their
authorizations to vetted third parties. A DKIM-specific authorization
scheme would give senders a clear voice in how their messages lacking an
Author-Domain signature are expected to be handled. With this
information, recipients would not need to guess or to consult gurus in
how a specific service's messages should be handled. This burden would
be placed upon the trusted sender. DKIM-specific authorization would be
an infrequently used mechanism managed fully by those having the
greatest interest in mitigating abuse that might otherwise obscure their
messages.
-Doug