[ietf-dkim] Re: SSP and DKIM, was Not exactly not a threat analysis

[John Levine]

>> Same starting line for both, not necessarily the same finish line.
>
>That's been my expectation all along. That was reflected
>in the proposed charter.

I think we're in violent agreement.  I don't see anything particularly
wrong with SSP, but as far as I know it's still just a paper design
which makes it a poor candidate for standardization at this point.

Pass a few million messages through it (not hard if you get mail from
Yahoo and Google) and we'll have a much better idea of how it does or
doesn't work.

R's,
John