Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault
2010-09-14 19:22:44
+1.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
Steve Atkins wrote:
On Sep 14, 2010, at 12:35 PM, J.D. Falk wrote:
Yes, I know it requires more effort, but what we've been doing so far
clearly isn't working.
The problem is that the two things have badly conflicting requirements. DKIM
is based on a domain-based identifier that's independent of the From: domain,
and that's where much of it's value comes from. ADSP is based on a
domain-based identifier that must remain identical to the From: field at all
times, and that's where it's sole value comes from. ADSP intrinsically
conflicts with the original design case for DKIM, despite being piggy-backed
on to it.
So any document that puts forth even basic good practices for DKIM usage for
monitoring sender reputation (use d= to differentiate mail streams) is going
to be anathema to ADSP requirements (d= must be the same as the From: domain).
And any ADSP-driven set of requirements (mailing lists should not only
re-sign any mail they re-send, they should alter the From: address to match)
is going to be considered nonsensical by people who consider DKIM a way to
tie an identity cookie to a message.
And, as we've seen, any compromise document is hated by pretty much everyone,
even assuming you can get there.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, J.D. Falk
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Hector Santos
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Rolf E. Sonneveld
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, McDowell, Brett
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Steve Atkins
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault,
Hector Santos <=
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Murray S. Kucherawy
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, McDowell, Brett
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Jeff Macdonald
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, McDowell, Brett
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Jeff Macdonald
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Steve Atkins
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, McDowell, Brett
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Stephen Farrell
- [ietf-dkim] 1st 2nd 3rd Party Signatures, Hector Santos
- Re: [ietf-dkim] DKIM+ADSP = FAIL, and it's our fault, Graham Murray
|
|
|