ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] New Version Notification for draft-levine-dbr-00 (fwd)

2010-07-26 14:19:08
On 7/26/10 6:24 PM, J.D. Falk wrote:
I think it's because, when you implement most protocols, if your end is 
broken then you can't even talk to the other end.  With ADSP, if your end is 
broken then you can still talk SMTP and even sign with DKIM, but the other 
end may silently discard your message.  There's no feedback.
   
It's not lack of feedback causing unsubscribes on mailing lists.  Don't 
blame sysadmin for these problems.  ADSP, as currently defined, is 
unable to accommodate informal third-party services when attempting to 
offer protection from phishing.  Rather than adhering to the "practice" 
aspect of ADSP assertions, ADSP's "discardable" changed this into advice 
on message handling, analogous to the "-all" of spf.  Avoiding use of 
subdomains avoids confusing recipients recognition of the trusted 
domain, where use of unprotected subdomains just shifts the phishing 
problem.  There is no getting this right.

A vouching service is unlikely to offer a fix either.  How would a 
vouching service know better than the Author Domain?  I would not want 
to be on the hook when getting this wrong. It would be better to allow 
senders the latitude for getting this right, and making their own 
explicit determinations.  We have the technology. :^)

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html