The main point of the Web page seems to be that Domain Keys/IIM does the
whole thing much better.
Like we did not know that already, the point of SPF/Sender-Id is that it
will be a while yet before we have a merged spec for Domain-Keys/IIM we are
still in trial stages. It makes a lot of sense to go forward with the low
hanging fruit authentication that SPF provides.
SPF now includes the HELO check so CSV is utterly redundant, it is an
unhelpful contribution to the debate at this point. The promoters of CSV
have not been working to win friends and influence people. 'nuff said.
For DK to work we need a policy layer, that will almost certainly be linked
to the deployed SPF/Sender-ID standard.
-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of David
Woodhouse
Sent: Monday, January 31, 2005 9:35 AM
To: gmc(_at_)metro(_dot_)cx
Cc: Douglas Otis; Frank Ellermann; ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: So here it is one year later...
On Mon, 2005-01-31 at 08:40 +0100, gmc(_at_)metro(_dot_)cx wrote:
The forwarding problem is known and information is on spf.pobox.com
(which still is the primary source for information about spf). It's
not like it is 'the big secret of spf' that there is a forwarding
issue. I suppose people read this site before publishing,
so they must
know about the forwarding problem. However, people still
publish. I'm
not going to guess at the motivations of these people, i'm not a
pyschologist. Fact is that despite the forwarding issue, people do
publish.
The forwarding problem isn't exactly shouted from the
rooftops on the SPF site, and people rarely actually think
things through for themselves, unfortunately. If you point
those _same_ people at something like
http://david.woodhou.se/why-not-spf.html they > often seem to
change their mind again and stop publishing records, in my experience.
--
dwmw2