spf-discuss

Re: Sendmail white paper

2004-11-24 03:20:41
On Wed, 2004-11-24 at 11:11 +0100, Alex van den Bogaerdt wrote:
On Wed, Nov 24, 2004 at 09:38:13AM +0000, David Woodhouse wrote:
I do not compare my analogy to DK, IIM, SES, FBI, CIA, TLA, USA or any
other lettersoup.  You have trimmed the relevant portion away so I suggest
you look up the earlier post that includes both parts of the analogy.

It still doesn't make sense. My neighbour has a key. Surely _that_ is
your alternative if you want your neighbour to be granted access? The

The analogy is not a one to one mapping.  Any attempt to treat it as
such will of course fail.

OK, fair enough.
There used to be something that was nice, worked etc.  Then it got
abused.  Now you cannot do it anymore.  Not because _you_ abused it
but because someone else needs to protect himself from abuse.

This "something" maps to forwarding.  You are effectively saying that
having to use a lock on the door is bad, because it wasn't necessary for
over a hundred years so why change something that works...

No, I'd say using a lock on the door is sane. I'd equate SPF not to a
lock, but to replacing your door with sheet steel and welding it shut,
then using the windows in future. A lock would have sufficed, but you've
broken things that didn't need to be broken.

When I use domain keys, and when I send mail to you, and when this
bounces, where does the bounce come from?

I, (A) send mail to you (B). B forwards to C.  C tries to forward to D.
Forwarding to D fails.  Who will send a bounce, and to whom?

With DomainKeys? Forwarding to D doesn't fail, because the message is
signed to prove that it came from you. Spoofing fails, but normal
operation of the Internet continues just fine.

-- 
dwmw2
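
The A, B, C, D forwarding case discussed in this message, as an added sketch that is not part of the original post: it evaluates a path-based check (SPF-style) and a signature check (DomainKeys-style) at each receiver. Assumptions: the domain, IP addresses, key and function names are constructed; forwarders keep the envelope sender and do not modify the message; the signature is toy textbook RSA over the whole message rather than the real DomainKeys header and canonicalization format.

```python
import hashlib

# Constructed sample data: domain, addresses and key are made up for this sketch.
SENDER_DOMAIN = "a.example"
SPF_AUTHORISED = {SENDER_DOMAIN: {"192.0.2.10"}}  # hosts the domain lists as senders

# Toy textbook RSA (small Mersenne primes, no padding): illustration only, not secure.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))                 # private exponent, kept by a.example
PUBLISHED_KEY = {SENDER_DOMAIN: (N, E)}           # stands in for the key record in DNS


def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Signature made once by the originating domain."""
    return pow(digest(message), D, N)


def verify(domain: str, message: bytes, signature: int) -> bool:
    """Signature check: depends on the message and the published key only."""
    n, e = PUBLISHED_KEY[domain]
    return pow(signature, e, n) == digest(message)


def spf_check(domain: str, connecting_ip: str) -> str:
    """Path check: depends on which host is handing the message over."""
    return "pass" if connecting_ip in SPF_AUTHORISED.get(domain, set()) else "fail"


def trace(message: bytes, signature: int, hops):
    """Evaluate both checks at every receiver along the forwarding path."""
    return [(rcpt, spf_check(SENDER_DOMAIN, ip), verify(SENDER_DOMAIN, message, signature))
            for ip, rcpt in hops]


MESSAGE = b"From: alice@a.example\r\nSubject: hello\r\n\r\nhi\r\n"
SIGNATURE = sign(MESSAGE)
# A sends to B; B and C forward unchanged, keeping the envelope sender at a.example.
HOPS = [("192.0.2.10", "B"), ("198.51.100.20", "C"), ("203.0.113.30", "D")]

if __name__ == "__main__":
    for row in trace(MESSAGE, SIGNATURE, HOPS):
        print(row)
    forged = MESSAGE.replace(b"hello", b"spoofed")
    print("forged message, reused signature:", verify(SENDER_DOMAIN, forged, SIGNATURE))
```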


