[ietf-dkim] a bit of philosophy on working group productivity andscope

Arvel Hathcock arvel at altn.com
Sun Aug 14 15:33:20 PDT 2005 

Dave, what is it exactly that you are suggested we agree to and why?  Is it 
that you want to make lookups on unsigned mail optional?  What would doing 
that achieve?  We'd all still have to agree on how it gets done for the sake 
of those who implement the optional.  So, if your position is that the 
additional complexity involved brings doom to the process, you can't escape 
that by this move.  Or, do you suggest we remove draft-allman-dkim-ssp as 
input into the process completely?

-- 
Arvel


----- Original Message ----- 
From: "Dave Crocker" <dhc at dcrocker.net>
To: <ietf-dkim at mipassoc.org>
Sent: Sunday, August 14, 2005 11:36 AM
Subject: [ietf-dkim] a bit of philosophy on working group productivity 
andscope


> Folks,
>
>
>> >  what is the most minimal enhancement that would make
>> >  you happy TODAY?
>> >
>> >  define requirements that dkim satisfies, without
>> >  actually saying anything about the details of dkim itself.
>> >
>>  Why the "most minimal" qualifier in your question?  We are capable of
>>  producing something more than the bare minimum.
>
>
>
> Here is our current reality:  As of this moment, it is not clear that we 
> are
> capable of producing anything at all.
>
> There is no existence proof for real success in this arena of
> standardization. The DKIM effort has no track record of success in the 
> IETF.
>
> Until we change that, we are working with hopes and dreams, not reality.
>
> When an effort starts, the more difficult the topic and the more diverse 
> the
> participation, the higher the risk of standardization failure.  As with 
> any
> high-risk project, the first goal needs to be to demonstrate usefulness, 
> ie,
> success.
>
> In the long run, we probably very much *can* produce something more than 
> the
> bare minimum.  Something a lot more.
>
> But first we need to do *anything at all* that is useful.
>
> That means targeting the smallest bit of useful output that we can agree 
> to, and
> *later* building upon it.
>
> As of today, there is no standardized transit-time message authentication
> technique.  If we can produce a standard that permits validating ANY 
> identity
> with a signed message, we will have created a stable base for all sorts of
> enhancements.
>
> Enhancement obviously include: associating it will other identities in the
> message, using the *absence* of a signature as significant with respect to 
> the
> policies of some identity, determining the wonderfulness of the signing 
> identity
> (ie, using standardized access to reputation and accreditation services), 
> and so
> on.
>
> Until we have the core mechanism of signing a message and validating that
> signature, we have nothing but fantasy.
>
>
>
>  d/
>  ---
>  Dave Crocker
>  Brandenburg InternetWorking
>  +1.408.246.8253
>  dcrocker  a t ...
>  WE'VE MOVED to:  www.bbiw.net
>
>
>
> _______________________________________________
> ietf-dkim mailing list
> ietf-dkim at mipassoc.org
> http://mipassoc.org/mailman/listinfo/ietf-dkim
>
>

More information about the ietf-dkim mailing list