On 7/26/10 6:24 PM, J.D. Falk wrote:
I think it's because, when you implement most protocols, if your end is
broken then you can't even talk to the other end. With ADSP, if your end is
broken then you can still talk SMTP and even sign with DKIM, but the other
end may silently discard your message. There's no feedback.
It's not lack of feedback causing unsubscribes on mailing lists. Don't
blame sysadmin for these problems. ADSP, as currently defined, is
unable to accommodate informal third-party services when attempting to
offer protection from phishing. Rather than adhering to the "practice"
aspect of ADSP assertions, ADSP's "discardable" changed this into advice
on message handling, analogous to the "-all" of spf. Avoiding use of
subdomains avoids confusing recipients recognition of the trusted
domain, where use of unprotected subdomains just shifts the phishing
problem. There is no getting this right.
A vouching service is unlikely to offer a fix either. How would a
vouching service know better than the Author Domain? I would not want
to be on the hook when getting this wrong. It would be better to allow
senders the latitude for getting this right, and making their own
explicit determinations. We have the technology. :^)
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html