Missing citations for the quotes below:
[1] http://www.messagesystems.com/wordpress/?p=65
[2] http://www.messagesystems.com/wordpress/?p=69
Hector Santos wrote:
Dave CROCKER wrote:
Given the continuing, intense attention to DKIM that is taking place at a
variety of vendues, such as MAAWG and some private industry groups, your
assertion does not match the experience a number of us have.
Then one has to submit the question:
Is the best interest of entire IETF mail community being served
using a MAAWG and private industry group mandate to isolate
DKIM to single identity trust assessment?
I suggest that the best interest of the majority which include small
to mid operations, free or commercial is not being served. If you
want a solution for DKIM it needs to serve all parties of all sizes
and it must not be done at the expense of security.
To quote a CEO of one such Marketing company [1]:
Are we on the cusp of a customer trust meltdown? I don’t know.
But we are dealing with ‘trust’ at a different level than I’ve
seen before. Up to now, our trust conversations have centered on
whether we can be trusted to use customer data as they’d like it
be used. We’ve talked about trust relative to spam, data sharing
and the like. These breaches take trust to a much more basic
level — can we be trusted to keep our customer data safe and out
of the hands of criminals who might do them harm. This is all
about data security — something us marketers avoid thinking
about, but now must because it has direct brand ramifications.
and his recommendation [2]:
The framework I see for addressing this challenge is threefold:
1. Rally the industry and articulate data security/best
practice guidelines
2. Encourage companies to apply those guidelines within
their own environments
3. Provide a collaboration forum for companies to
discuss common threats and share best security practices
Security can not be ignored and want to give reasons for receivers
across the board to accept these new roles, then you must present all
outputs to help address all DKIM related evaluations, including does
related to security.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html