Yes, could be good to do it as a separate extension, I thought also about
specifying an X-Header that would be signed by DKIM.
Another way is to have a dkim tag that specify the header that indicates the
stream classification
Many ways to kill the same bird.
As for the stream name, I think giving a few codified ones, would help the
receiver in making decision, but if sender wants to use his own, then be free
to do so.
Should we resurrect your draft, or go another way? Which way you want to go?
(How does it work in IETF?)
----- Original Message -----
From: "Jim Fenton" <fenton(_at_)cisco(_dot_)com>
To: "Franck Martin" <franck(_at_)genius(_dot_)com>
Cc: "Rolf E. Sonneveld" <R(_dot_)E(_dot_)Sonneveld(_at_)sonnection(_dot_)nl>,
"IETF DKIM WG" <ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Saturday, 2 April, 2011 9:33:10 AM
Subject: Re: [ietf-dkim] Proposal: Removal of AUID (i= tag/value)
I'm told that adding something like this to 4871bis would require that
it go around again at Proposed Standard, rather than progress to Draft
Standard.
It might be possible as a separate extension to DKIM, however. I have
an expired draft along these lines,
draft-fenton-dkim-reputation-hint-00. But it didn't include the
specific stream names.
-Jim
On 4/1/11 2:04 PM, Franck Martin wrote:
I would suggest we deprecate i= and add st= (if not already used) that would
let the sender specify a stream category. It would be limited to say 20 (or
so) chars and we could specify a set of standard words (but not limited to).
I'm thinking of things like transactional, marketing, password-reminder,
sub-confirmation, billing, corporate, personal,...
It would be left to the receiver to use them or not of course.
I understand some of these words could be abused, but then the receiver could
build a confidence factor in domain/stream association, etc...
With IPv6 we may loose IP reputation, this is a way to bring it back within
DKIM.
PS: http://postmaster.facebook.com/outbound gives a good idea of streams in
IPv4 world with DKIM equivalent, but they may be about the only ones to do
that with DKIM.
----- Original Message -----
From: "Rolf E. Sonneveld"<R(_dot_)E(_dot_)Sonneveld(_at_)sonnection(_dot_)nl>
To: "Franck Martin"<franck(_at_)genius(_dot_)com>
Cc: "Jim Fenton"<fenton(_at_)cisco(_dot_)com>, "IETF DKIM
WG"<ietf-dkim(_at_)mipassoc(_dot_)org>
Sent: Saturday, 2 April, 2011 8:14:45 AM
Subject: Re: [ietf-dkim] Proposal: Removal of AUID (i= tag/value)
On 4/1/11 1:31 AM, Franck Martin wrote:
I had the feeling that Y! was using the local part of i= to do
differentiation in reputation. ie various streams within the same domain.
I know the spec intent recommends, different domains for different streams,
but then....
Intuition would tell me, that few people are willing (or understand) to have
different domains for different streams.
+1. And as DKIM d= information already is shown to end users by some UA
implementations (e.g. Gmail shows 'this message was signed by<domain>,
when clicking on details) the need/advise to use different domains for
different streams conflicts with the threat of phishers registering
look-alike domains.
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html