On Aug 24, 2010, at 10:23 AM, Mark Delany wrote:
On Tue, Aug 24, 2010 at 09:45:20AM -0400, Wietse Venema allegedly wrote:
Hector Santos:
IMO, it is these statements that continues to raise confusion and
raise the barrier of industry wide adoption that includes the general
population of MTA developers and operators from tiny to small to even
large.
As a part-time MTA developer I am not confused. The DKIM signature
provides a simple piece of trace information ("I handled this mail")
that is cryptographically bound to some header and body content.
Yes. And that the obverse is possible: "I didn't handle this mail".
I don't see how DKIM can provide the obverse - the obvious way
is for a sender to assert that all their mail has a DKIM signature,
but that fails when the DKIM signature breaks in transit. Is there
a clever trick I'm missing?
As Jon Callas is fond of saying, you know a protocol is a success when
it's abused in ways you never thought possible. The bi-laterals that
others have discussed are a small example of this.
Jon got it right: we don't need to know all of what is possible with
so general a component as DKIM.
My personal motivation, going back some seven years now, was about
tools for putting credibility (back) into the email system. Clearly
this is far from the only motivation across the population of DKIM
developers. Varying motives don't necessarily mean varying tools.
DKIM allows you to attach a token to an email. That's such a generally
useful thing it's no surprise people are finding a range of uses
for it.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html