[ietf-dkim] SSP False positives/negatives
Dave Crocker
dhc at dcrocker.net
Mon Aug 7 11:57:55 PDT 2006
Steve Atkins wrote:
> A lot of the controversy about SSP is based on
> false positives - mail that was signed when sent but is not
> signed when received.
>
> I know that various people have been looking at the cases where
> that can happen, but I don't recall seeing any quantitative
> results presented. If they have been, could someone point me
> at them?
I wonder whether this issue might be amenable to resolution without worrying
about empirical statistics.
In other words: Perhaps one or all SSP settings require non-breakage along the
path. If there is breakage, the mechanism is effectively disabled.
In other words: Exactly how bad is it, for a legitimately signed message to
fail the signature check and then be subjected to the usual vagaries of filter
analysis?
Similarly: Exactly how bad is it for an SSP I-Sign-All domain to have an
unsigned message succeed through filters and get delivered? (I am tossing this
into the mix, from the exchange Delany and I are having, about dictating
delivery behavior.)
I keep thinking that the fatal flaw to much of these discussions is our concern
for perfect performance, rather than accepting that we won't get it and trying
to make sure that errors are acceptable.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the ietf-dkim
mailing list