[dkim-dev] [ietf-dkim] Authorizing List Domains

Murray S. Kucherawy msk at cloudmark.com
Wed Sep 29 20:10:22 PDT 2010

> -----Original Message-----
> From: Douglas Otis [mailto:dotis at mail-abuse.org]
> Sent: Wednesday, September 29, 2010 6:03 PM
> To: Murray S. Kucherawy
> Cc: dkim-dev at mipassoc.org; ietf-dkim at mipassoc.org
> Subject: Re: [ietf-dkim] Authorizing List Domains
> While done with the best intentions, the dkim-mailinglists draft in
> section 4.1 Author-Related Signing, recommendations should be
> considered
> a bad practice for domains being phished and making strict ADSP
> assertions.
> http://tools.ietf.org/html/draft-ietf-dkim-mailinglists-02#page-11
> [...]

Although of course the chairs have final rule on this point, I suspect the paragraph I've cited is the only one that covers a topic within our current charter.  None of the various ADSP-adjunct stuff is actually chartered material.

> >  I'm confused. You say TPA allows fallback to other adopted
> >  verification methods, but you also say it refers specifically to
> >  DKIM/ADSP deliverability. I'm not clear on how both can be
> >  simultaneously true.
> SPF authorizations fail more often than DKIM signature validations, but
> the percentages for either are not insignificant.  As such, some
> domains
> would like path verifications to act as a fallback method whenever DKIM
> signatures don't verify.

I would submit then that this work actually exceeds the scope of the DKIM WG.  It might more appropriately be pursued either in a new WG that has as its scope all available authentication schemes, or as an individual submission.

> > > Requiring additional header field compliance better ensures
> > > different mail streams remain recognizable by recipients. Many
> > > MUAs already display Sender,
> >
> >  Which ones? None that I've ever used do.
> Perhaps you have not used Microsoft Outlook [...]

Actually, I'm writing this to you from Outlook.

More information about the dkim-dev mailing list