ietf-mailsig
[Top] [All Lists]

RE: Web pages for MASS effort

2004-12-01 18:09:33


On Wed, 1 Dec 2004 domainkeys-feedbackbase01(_at_)yahoo(_dot_)com wrote:

But that's not what William is saying. The suggestion is not that some 
senders will pick a loose policy while other senders pick the strict 
policy on day one. Nor that senders might change from one policy to the 
other for their own reasons.

Those who talked to me privately know that is EXACTLY what I've been 
saying - that senders some senders will choose loose policy designed
for maximum compatibility but others will choose strict one. I would
not recommend a bank that knows its sending email directly to its customer 
to allow for additions of email in the signature. Such bank should
add EDigest header with no "n" tag and either it verifies or it does
not in which case there is a problem.

Rather, the suggestion is, I believe, that the Internet as a whole mostly
starts with a loose policy and slowly transitions to a strict policy as
intermediaries become signature aware.

That is also true - I believe email majority (i.e. ISPs) will pick a
loose policy that is safest for its customers but in the future once
everyone is signing emails, that will begin to change.
 
Your interest in the sender expressing a maximum level of munging is an
interesting notion, but it's unrelated to the issue of whether an
Internet-wide, time-based, incentive-free, transition plan is realistic.

Its quite realistic - very few open relays exist now for example and
very few are using HTTP 0.9 protocol (or HTTP 1.0 for that matter).
UUCP is also not used for news and email except in very special niche 
places, etc. Its all just a matter of time and perceived need (and
it also depends how easy it is to change - I believe that if change
is just a metter of a checkbox or line in .conf - than it can happen
quite quickly).

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>