[ietf-dkim] SSP = FAILURE DETECTION
hsantos at santronics.com
Fri Sep 8 13:59:19 PDT 2006
----- Original Message -----
From: "Dave Crocker" <dhc at dcrocker.net>
Subject: Re: [ietf-dkim] SSP = FAILURE DETECTION
> Wietse Venema wrote:
>> The purpose of a valid DKIM signature is to identify the party that
>> signed the message. Whether this is a first-party or third-party
>> signature is largely irrelevant. It's about accountability.
> It is interesting how vigorously and persistently this continues to be
Dave, it is NOT and NEVER WAS misunderstood!!
Although I have major concerns about the conflicts with this new
accountability and responsibility which undoubtedly leaves itself open to
legal scrutiny, the difference is that DKIM-BASE creates a new level of
and SSP is about the detection of failure and non-compliancy with the
At some point, this "accountability" has to have some redeemable value.
You want receivers to play dumb and just return a VALID or INVALID state
which still accepts the mail.
What I am telling you is that regardless of what the SIGNATURE means,
its failure will not be tolerated in wide adoption.
So let's assume there is no SSP and we just have a pure DKIM-BASE verifier,
what do you want us to do with the two possible end-results?
- INVALID signature
- VALID signature
Do you want us to present 'something' to users and if so, how do you present
this to the different user types?
- ONLINE mail users?
- OFFLINE mail pickup users?
For the online users, our hosting software can present "something"
-WARNING: something wrong with this message?
-NOTE: This message seems to be ok!
But how do you pass this information for the offline mail pickup users?
Are you expecting them to be DKIM-READY to display this information
If so, why should the MTA even bother to do DKIM-PROCESS and just let the
offline MUA do the DKIM processing?
The bottom line is that you still need to "FILTER" something at some level
even if you don't use SSP at the MTA and I can assure you that without SSP,
I am less willing to assume product liability issues by wasting time doing an
ACCOUNTABILITY check at the MTA that has no payoff of eliminating mail.
Hector Santos, Santronics Software, Inc.