[ietf-dkim] Re: Should DKIM drop SSP?

[Dave Crocker]

Doug,

My, my, but aren't we having fun consuming list bandwidth?


> SSP, as it is currently defined, will cause a reduction in the integrity 
> of email delivery which, before this strategy, managed in spite of 
> inordinate abuse.  This policy placed exclusively on the From header 
> will eventually coerce domain owners into making the only protective 
> assertion available that will _prevent_ the use of most services and the 
> loss of legitimate messages.

Threads like this one usually are based on a firm assertion of an inevitable 
future, coupled with an insistence on the immediate need for particular 
changes to cure things.  The usual problem with these threads -- besides how 
much they distract from the topic at hand, such as getting the working group 
chartered -- is their presumption about the certainties of human and group 
behavior.

If I am understanding the concern, this time, it is that the constraints in 
SSP will have a Procrustean effect, with all mail sent by everyone, trying 
to be to be forced into its limited confines.

The flaw, of course, is that the current SSP is intended for limited use, 
not universal use.  Folks should re-read Mark Delaney's note about the role 
of this *first* effort at an SSP.  There is much to debate legitimately 
about the current SSP, but the proffered doomsday scenario does not seem to 
qualify.

In any event, Doug, before you try to sell solutions, please limit yourself 
only about the problem you see.  Garner support that a) your assessment is 
valid, and b) it must be solved in the near term.

Only when you have that support will it make sense to discuss possible 
solutions.

Conflating the process of explaining the problem and trying to sell a 
solution is just plain confusing, at least for me.

d/