ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New Version Notification for draft-levine-dbr-00 (fwd)

2010-07-26 12:01:48
On Jul 25, 2010, at 11:36 AM, Murray S. Kucherawy wrote:

I've engaged some of you off-list trying to understand why ADSP is 
fundamentally different than the private agreements known to exist between 
PayPal and some large email service providers.  I get the philosophical 
arguments, but from a standards body perspective I remain stymied.

I'm finally beginning to buy that something akin to DBR may be necessary, but 
it's still weird to me that the point is that the average sysadmin can't be 
trusted to do ADSP right.  But then why, for example, can he/she be trusted 
to do DNS or SMTP or even TCP/IP right without some sort of vouching or 
reference service asserting competence?

The whole point of standards is to publish a mechanism for accomplishing 
something so that two parties that have never interacted in that specific way 
before can do so without some kind of out-of-band prior arrangement.  In that 
sense these statements about ADSP create some cognitive dissonance that I 
haven't been able to resolve yet.

I think it's because, when you implement most protocols, if your end is broken 
then you can't even talk to the other end.  With ADSP, if your end is broken 
then you can still talk SMTP and even sign with DKIM, but the other end may 
silently discard your message.  There's no feedback.


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html