[ietf-dkim] user level ssp
Thomas A. Fine
fine at head.cfa.harvard.edu
Wed Sep 6 16:24:38 PDT 2006
The alleged half-implemented DKIM within a domain makes no sense
whatsoever - why would a domain work really hard to maintain
thousands or millions of records, so that the spammers can continue
to forge spam from their domain with policy-assured freedom?
The sensible solution is to dispense with all this user-signed nonsense.
It does no real good.
Domains should be free to set up as many keys as they want, and use
them however they want. If they want to set up a million keys, one
for each user, well, that's dumb in my opinion, but let them, because
it's not for me to dictate. At any rate, this will handle any odd
situations where users have a legitimate need to self-sign.
BUT: this should all be part of the standard mechansim for distributing
valid keys, and should not in any way be a special case for user
validation. It should simply be part of the selector mechanism.
More information about the ietf-dkim