On 4/20/11 2:50 PM, Murray S. Kucherawy wrote:
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Douglas Otis
Sent: Wednesday, April 20, 2011 2:40 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] ADSP stats
There is still a need for this type of work to improve upon DKIM
acceptance when signatures are damaged for various "innocent" reasons.
It seems appropriate to first determine the output of DANE and how IPv6
acceptance might be handled. IMHO, IPv6 acceptance needs practical SMTP
sender validation methods. Once in place, providing a policy layer upon
what has been embraced as a practical acceptance mechanism for SMTP
senders could easily be extended to include third-party issues with
DKIM. For example, this policy layer may be needed to deal with variant
IDN bundles.
I don't see how DKIM and DANE occupy related spaces.
They don't. However, making third-party exceptions is better done in
conjunction with a scheme that lacks replay by undefined entities. Such
a mechanism is also necessary to support domain reputations and perhaps
even IPv6 acceptance.
IMHO, DKIM represents an anti-phishing mechanism. As such, it is
important for DKIM to be earnest in ensuring valid signatures preclude
obvious spoofing techniques.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html