[ietf-dkim] Using Reputation with DKIM-BASE - Its really not out of scope.

[Hector Santos]

----- Original Message -----
From: "Steve Atkins" <steve at blighty.com>
To: "IETF-DKIM" <ietf-dkim at mipassoc.org>

>> I was referrering to the "Dark Secret" model that Mr. Falk
>> and Mr. Akins was thinking about such as:
>>
>>     Result = DKIM-BASE + REPUTATION
>>
>> This has the potential to be different depending on which
>> receiver and its non-standard reputation layer.

> You seem to be deeply confused as to what "reputation" is.

Cheap shot.

> Every receiving MTA, and possibly every recipient will have
> a different view of a signers reputation.

Exactly.  There is no confusion about the potential to have varying results
based on a reputation model.

> Given that, expecting everyone to have exactly the same result
> when they apply their reputation model to an email that's
> authenticated from a given author is obviously nonsensical.

Of cause, so if its so fuzzy and subjective why did you start this thread by
answering the question "what is the purpose? indicating it will be part of
some out of scope reputation test?

I don't expect the same result with reputations - thats the point.  Its a
subjective concept and it really has nothing to do with the mechanics and
physical attributes of the DKIM protocol.

What if the DKIM message is not signed?  How does reputation play a role
now?  Are you thinking everyone is going to use some common DKIM related
reputation system like DAC with some inherent "No Signature" reputation
rule?

 no sign + domain part of DKIM reputation database ====> failure

Sounds like a SSP concept to me?  Oh I see. Just the wrong one.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com