On Thu, 13 Jan 2011 12:50:45 -0000, Eliot Lear <lear(_at_)cisco(_dot_)com>
wrote:
While perhaps this is an entertaining idea (I was particularly
entertained since it seems to take my notion of generalization far
beyond where I might have taken it), absent an application I have a
difficult time supporting it. And even if you had an application, I
would be initially disinclined to go this far, simply because
generalization comes with the cost a loss of specific optimization and
often some amount of (sometimes substantial) overhead. Further, we
don't really get a good view of what to generalize without substantial
operational experience with disparate use cases.
I am glad you find it entertaining. But it was not intended to be so.
You seem to imagine that DKIM is some brand new technology, unlike
anything that has ever gone before.
It is not. Similar header signing mechanism have been in use within
Netnews for the past 15 years or more, both for authenticating control
messages, and for authenticating articles posted by moderators.
So we already have three header-signing protocols in current use - hence
this proposal to discourage even more ways of doing the same thing.
The problem with the two existing Netnews protocols is that they are (a)
different and (b) inflexible. Whether they would be changed to be DOSETA
based at this late stage is doubtful, but certainly possible. But for sure
they would need different key management protocols, because the signatures
would NOT be on behalf of a domain.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html