On 9/27/10 12:10 PM, Murray S. Kucherawy wrote:
On Monday, September 27, 2010 12:00 PM, Douglas Otis wrote:
The ATPS draft incorrectly assumes two things:
1) All desired third-party services use DKIM.
For the purposes of the experiment, that seems to be a reasonable assumption
given the associated mechanisms. It would however be trivial to decouple it
from DKIM (or more specifically, ADSP).
You have placed TPA information in a domain not below
"_domainkey.<signing-domain>". This increases the response size by 11
bytes with a trade-off of making delegations to signing mail providers
more difficult. I am open to either approach, however only DKIM makes
this scheme practical.
2) Additional header fields are not needed to ensure proper message
sorting or recognition.
I'm open to adding such extensions to the experiment if they're deemed
necessary, but I don't want to pack the content of the record with a bunch of
stuff until that's obvious. Over-engineering these efforts up-front has been
proven a very effective way of rendering them unusable.
Unless there is a recognized need, additional information should not be
included. At the same time, unless authorizations can defend against
likely abuse, that too would render efforts unusable. The additional
information also benefits the recipient when it simplifies their process
and increases the number of messages being properly marked for rejection.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html