[ietf-dkim] a bit of philosophy on working group productivity
dhc at dcrocker.net
Sun Aug 14 14:25:29 PDT 2005
> > But first we need to do *anything at all* that is useful.
> > As of today, there is no standardized transit-time message authentication
> > technique. If we can produce a standard that permits validating ANY
> > identity
> > with a signed message, we will have created a stable base for all sorts
> > of enhancements.
> Perhaps, but a stable base for future enhancements that will actually have
> some utility is not, I would think, something useful.
You seem to have missed the "but first" paragraph.
> Unless the output of this putative group would at least enable a receiver to
> reject a 'bad' message or have more confidence in a 'good' message there is
> no incentive for either senders or receivers to deploy.
for some definitions of good messages and bad message.
> It would seem to me that there is a necessary tie between the identity being
> signed, some e-mail identity that end uses actually see, and some type of
> sender policy declaration that would allow receivers to have some idea how
> to interpret the presence, absence, and validity of signatures.
Quite a bit of useful filtering is done today that does not require the end-user
to participate directly and does not involve knowing the sender's "policies" and
does not require using the rfc2822.from field.
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
More information about the ietf-dkim