[ietf-dkim] SSP focus
Dave Crocker
dhc at dcrocker.net
Fri Nov 11 15:10:09 PST 2005
Folks,
> Having said all of that, I am at a complete loss as to much of this
> debate. If SSP isn't formalized in this group then you can be certain
> that bi-lateral or non-standard forms will emerge in parallel to
> DKIM. Those "select" domain - and we large service providers - view
> this component as too integral to authentication to forgo.
My reading of the activity on the list is that it is more about what to
formalize first, than whether to formalize anything.
I suggest that we should choose exactly one sender practice to formalize
first, and defer all others. This will allow discussion to be extremely
focused and maybe even allow us to get a practise published quickly.
Of course, the *framework* for recording this practise in the DNS certainly
needs to be extensible...
And, also of course, once the first is issued, we can pursue all sorts of
additional formalizations.
The first practise should be simple. It also should be trivial to understand
and should have immediate and broad utility.
The best candidate is a flag that says: "the domain associated with the From
field signs all its messages."
d/
ps. This is relevant to the charter, in terms of describing the SSP
deliverable narrowly.
pps. I believe quite a bit of confusion and distraction is caused by our
using the word "policy". It encourages people to think in terms of grand
strokes of organizational decision-making. Something more modest, like
"practise" might limit the overblown reactions we have seen to this effort
to allow signers to indicate how they do things.
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
More information about the ietf-dkim
mailing list