On Sun, 2005-07-24 at 11:39 -0700, Dave Crocker wrote:
avoiding this problem is easy, the accreditation records should include
a fixed word identifier as a preamble (say "DNA"), so that it is clear
that
DNA,MARID,1,A
and
DNA,MX,1,A
I think that you are confusing the semantics with the mechanism. DNA
provides a
mechanism for reporting some information. The semantics exist outside the
mechanism.
okay, let's say "MARID" denotes "DNA", but that leaves no method of
declaring name space.
1. The client-smtp reputation/accreditation assessment that is associated
with a
particular domain name exists in its own right, independent of the mechanism
used (eg, DNA) to report it.
there is no single correct definition of "domain name", just look at the
discussions here suggesting it can be determined based on reverse DNS,
MAIL FROM, PRA or EHLO, or any number of other methods. declaring that
_any_ method of authentication is equally valid is a recipe for
disaster. the accreditation record must declare stringently what it
covers.
2. A particular client choose to declare itself associated with that domain
name. CSA is one way to make that declaration.
yes. when there are many methods, the client may choose to point to a
reputation service which has accrued reputation based on some other name
space.
You are suggesting that the assessment information be labeled according to
the
mechanism used to communicate it. That's not a good idea.
The assessment does not depend on the reporting mechanism. The assessment
information certainly *does* need to be careful in the way it specifies the
identity and labeling what is being assessed, but it should not specify how
it
is reported.
not the reporting mechanism per se, but the name space used is a crucial
part of the identity.
CSV-DNA must either be locked to CSV-CSA, or it must explicitly cater
for other name spaces.
--
Kjetil T.