[ietf-dkim] Charter bashing...
Dave Crocker
dhc at dcrocker.net
Wed Oct 12 08:47:41 PDT 2005
Folks,
> Frankly, I think this is a huge step backwards. You're changing the
> charter
> from discussing the goals of the service we're trying to define to
> discussing
> the details of the mechanisms we use to build the service. IMO this is
> going
> down a path that is likely to cause far more problems than it solves,
> as it
> invites confusion with efforts to define very different services using
> similar
> mechanisms.
> ...
> The existing charter was careful to distinguish between service and
> mechanism. Let's please try and keep that distinction.
This is a point that Ned has been stressing and I believe he is entirely
correct.
The benefit of having our discussions consider mechanics as "merely"
secondary, so that we maintain a focus on goals/purpose, strikes me as
massive.
> DKIM is _not_ an alternate signature service, and that's precisely the
> point.
> DKIM only uses signatures as a means to an end, and the end is not to
> provide a
> nonrepudiatable signature covering the message. Rather, it is to
> provide a
> means whereby someone can assert responsibility for a message. This is
> a type
> of authorization service, not a signature service. We are forced to
> use digital
> signatures as a mechanism because the service has to deal with forgery
> and
> replay attacks, but that's an (unfortunate) implementation detail.
The main reason I am posting this response is in the hope that folks
will (re-)read the text of Ned's that I have quoted.
I believe a very great deal of confusion will be avoided if we can all
embrace this one, main concept that he has so nicely distinguished.
d/
More information about the ietf-dkim
mailing list