[ietf-dkim] Re: Attempted summary
fenton at cisco.com
Tue Jan 24 10:23:54 PST 2006
Hector Santos wrote:
> ----- Original Message -----
> From: "Jim Fenton" <fenton at cisco.com>
>>> I think the way we all expect to use DKIM is that a message
>>> comes in, we check the signature, then we look up the signing
>>> domain in some sort of reputation system, be it a local
>>> whitelist or something fancier, then if the reputation is
>>> good we accept the mail, if it's bad we reject it, and if
>>> there's no reputation, we fall back and do what we would
>>> have done otherwise.
> You are kidding? Right? Do you really agreed with this? This is
> contrary of your SSP proposal. The above is not the chartered proposal.
> I hope we don't get lost into some undefined reputation concept.
> IMO, DKIM will not widely adopted with a "Batteries Required" concept.
> It will be nice to keep the protocol sweet and pure.
Stephen answered this well, but I'll also assure you that I haven't
recently gone crazy. DKIM, especially with SSP, delivers significant
value on its own, but it's also reasonable to point out the additional
benefits when it is coupled with reputation, accreditation,
[white|black]lists, or whatever.
> I suggest we try to keep away introducing a reputation system into the
> algorithm. It can always be added separately and independently. But as
> a protocol, I don't think it will be widely accepted for a few simple
> reasons - What Reputation System? Whose Reputation System? What is the
> "Fancy System?" Will it become a 3rd party central repository? Will
> there be a buy-in fee? Republican vs. Democrats?, etc. It is going to
> very hard to justify further support when we now have to begin promoting
> 3rd party A/R into our product lines.
I wasn't trying to introduce a reputation system into the algorithm.
I'm not even sure whether reputation or accreditation will prevail when
we get to that at some point in the future. The questions you raise are
exactly why we don't want to go down that rathole.
More information about the ietf-dkim