ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Issue: implementation Report v02 - Removal of 1st vs 3rd party statistics

2010-10-05 07:59:52
Ian Eiloart wrote:

-1

It is extremely relevant.


The data is there. The numbers can be calculated from the sample size 
(~500k) and the proportions. They're nowhere near the numbers 
("Originator signatures: 1.2 billion Third-party signatures:  184 
million") that you quoted in another email, which also don't match the 
proportions that you quoted. Where did 1.2 billion come from?

Sounds like revision v02 is already having its intended effect.

Ian, see the previous revision v01 section 4.2

http://tools.ietf.org/html/draft-ietf-dkim-implementation-report-01#section-4.2

In fact, what was left in rev 02 was Murry's 78.9% for the OpenDKIM 
observation of 1st vs 3rd.  What was removed was the AOL data point. I 
stated it as 86% here:

      http://mipassoc.org/pipermail/ietf-dkim/2010q3/014556.html

"Third party" is somewhat of a leap from "the domains don't match".

Third party per RFC 5016 is well defined.

For example, if the from header is in the domain "example.com" and we see 
"d=foo.example.com", is that really a third party signature? Perhaps 
some clarity of whether subdomains were permitted to match would be 
useful.*

It doesn't matter.  The Observed data is what counts. Per RFC 5016 
definitions, this is what we got X for that, Y for this.

Oh, and are you thinking this is about implementation of ADSP? 

As an engineer I look at data, look for patterns, see how they 
correlate to logical protocols and even justify experiments and 
problem solving.

To me, the data points show there is a strong 1st party stream of 
mail.  POLICY would be important here.  But that is not what the 
report is about.

For example, if the report showed the opposite, over 70% of the mail 
stream was 3rd party (5322.From != DKIM.d per RFC 5016), rest assured, 
we would be hearing how much POLICY or ADSP is insignificant and 
should be deprecated - and I would AGREE.

The reality is the overwhelming 1st party mail continues to justify a 
need for policy.  But that is my interpretation, not what the report 
is about.

I think 
it's supposed to be about implementation of DKIM, so that DKIM can be 
progressed. Please don't let a misunderstanding hold that process up.

Its not an mis-understanding.  There is nothing holding back DKIM but 
this constant interference with the reality.  Embrace and see how 
things change. What the factoid removal does is goes against chartered 
itemize goals of #2, #3 and #4.

* It would be interesting to know what proportions of author addresses 
were subdomains of the d= value, and vice-versa. Even to know if the 
domains share common whois registrations (like foo.example.com and 
bar.example.com) would be nice, though harder to do. Having said all 
that, I have my own log files that I could analyze, so I'll shut up.

Your, all data would be welcomed too.

Soon I will have accumulated data as well.  Currently working out how 
to present them in our web-view of the statistics.  IOW, adding 
DKIM/POLICY related columns to these statistics:

      http://www.winserver.com/public/spamstats.wct

-- 
HLS



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>