ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] marketing dkim

2010-08-20 10:44:36
from [Ian Eiloart] [Permanent Link] 


--On 19 August 2010 12:29:35 -0400 Hector Santos <hsantos(_at_)isdg(_dot_)net> 
wrote:


Bill(_dot_)Oxley(_at_)cox(_dot_)com wrote:

Daniel,
DKIM signing clearly defines who takes responsibility for
signing an email


Responsible for what?  Can I get sued when something goes wrong?


If you're doing stuff that's illegal, then your DKIM signature makes it 
easier to prove a law suit against you. Similarly, if you're not doing 
anything illegal, then your signature could provide evidence of tampering 
by the recipient or a third party.


ADSP is only useful if it is implemented by draconian senders
like financial emailers who really really want all malformed
dkim signatures to be dropped regardless of consequences


Draconian?  Maybe they don't to get sued when the new signer
ignorantly ignores policy and resigns the mail thus passing the
responsibility buck.  You know the "You break, you own" pottery
principle.  PAYPAL was pretty smart to put a official RFC sanctioned
technological disclaimer out there.


Yes, I wouldn't call an ADSP user draconian. Defensive (in a neutral 
sense), perhaps.


There is NO filtering usefulness using DKIM as it is
not reputation based. It does give one the ability to slow
down spoofing. If the signature matches then indeed the sending
ISP did in fact send it


But what if it didn't match?  Do you continue sending potentially
spoofed mail?


Actually, there is filtering usefulness in DKIM, because it can be used in 
conjunction with a reputation database.




Now why would anyone make time to evangelize against a
protocol at a conference is beyond me unless it was SPF :-)


Maybe because for so long everyone heard about how great DKIM is, with
years of no real proof or payoff shown, and now the conference
sponsors decided to add an opposing viewpoint or a viewpoint that
might suggest where there might be a payoff with DKIM.




-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] marketing dkim, Ian Eiloart
Next by Date:  Re: [ietf-dkim] draft-ietf-dkim-rfc4871bis, John Levine
Previous by Thread:  Re: [ietf-dkim] marketing dkim, Hector Santos
Next by Thread:  [ietf-dkim] Reputation Filtering, Hector Santos
Indexes:  [Date] [Thread] [Top] [All Lists]