On 8/19/2010 10:50 AM, Murray S. Kucherawy wrote:
I would focus on the fact that it, in addition to being a mechanism to thwart
forgeries, is a framework for providing things like domain reputation.
Sorry, but you have these priorities and foci confused.
dkim's primary use is the attachment of a verifiable label, to be used for
assessment. The nature of the design of the mechanism makes its ability to be
used for this purpose uncontroversial and very low risk. The risk, now, is all
market preference, rather than functional. That is, there is no technical risk
to DKIM's ability to satisfy this requirement. The extent to which the market
finds it useful for that purpose is still being established.
The extent to which dkim can also be used to protect against forgeries is, so
far, completely theoretical AND controversial. We've debated this topic many
times and I'm not trying to claim a certain outcome for that debate. Merely
noting that it has credible people on both sides and no track record.
Steve Atkins' summary and the Intro to 4871bis have the focus accurate, IMO.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html