Having just read the wikipedia page on CSV, I see that CSV relies on these
phantom "reputable accreditation services" which seems to just push the question
into more vague infrastructure.
SPF works. It does not achieve things that it was not designed to achieve,
but in the real world in which I live, in which I am the only
reputable accreditation
service that I trust, the only minor headache in switching to a SPF-aware
e-mail service has been that I needed to alter one of my mail forwarders to
do SRS. It doesn't do SRS-compliant SRS, but mail routed through that
forwarder is now rewritten, therefore I can receive mail to my @cpan.org address
even though it comes from the wrong server according to cpan.org's strict SPF
policy.
http://en.wikipedia.org/wiki/Certified_Server_Validation describes a scenario
with this caste of accreditaion services which is scary as it would
become a method
for top-down information control. Let's say that Emmanual Goldstein
(http://cronos.advenge.com/pc/Orwell/1984/p76.html) has his
credentials revoked...
SPF does not rely on someone else to vouch.
SPF could be made compatible with a vouching system. A vouching system could
be based on SPF-verifed identity. As one of the weaker of various options.
--
David L Nicol
There's nothing to it but to do it
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com