[ietf-dkim] [Fwd: I-D ACTION:draft-fenton-dkim-threats-02.txt]
Andrew Newton
andy at hxr.us
Fri Jan 6 06:21:01 PST 2006
On Jan 6, 2006, at 5:40 AM, Eliot Lear wrote:
> Oddly I think we are agreeing, so perhaps we're both going in the
> wrong
> way ;-) I thought the point was to bound DKIM's capability. On the
> other hand, one could imagine a strict requirement for domain
> assignment
> in some TLDs (perhaps this is already the case with .gov?).
> Regardless,
> absent that level of authentication between the registrar and the
> domain
> "owner" you're left with reputation services...
Actually, there are TLD registries that do have registration rules.
This is true of many ccTLDs and some of the sTLDs (sponsored TLDs).
But the vast majority of domain registrations are in TLDs that have
no registration rules of the type being discussed here.
To say:
>> DKIM's ability to identify a domain owner is [also] bounded by
>> whatever checks a registration authority imposes.
could be read to mean some domain registration rules can be counted
upon for this purpose. Practically speaking, I don't think this is
true at all.
-andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mipassoc.org/pipermail/ietf-dkim/attachments/20060106/8d9700ac/attachment.html
More information about the ietf-dkim
mailing list