[ietf-dkim] SSP = FAILURE DETECTION
wietse at porcupine.org
Mon Sep 11 11:12:56 PDT 2006
Thomas A. Fine:
> Wietse Venema wrote:
> >Criminals switch strategy, and use look-alike domains to make their
> >mail look even more authentic than it does today.
> >If this is how SSP stops phishing mail, we have achieved nothing.
> I can NOT stop burglaries, but I still have locks on my doors. But
> SSP is BETTER than a lock:
I you knew my work then you would know better than to picture me
as an "it's not perfect therefore it's worthless" zealot.
DKIM-base can help to give good sites an edge over look-alike
domains (with a trusted signing domain list, possibly maintained
like an ssh trusted fingerprint list).
I see no such advantage with SSP.
More information about the ietf-dkim