[ietf-dkim] Re: New Issue: ssp-requirements-01 // Negative
Commentary corrections
Douglas Otis
dotis at mail-abuse.org
Thu Sep 21 11:02:20 PDT 2006
On Sep 21, 2006, at 12:04 AM, Frank Ellermann wrote:
> Douglas Otis wrote:
>
>> The process of validating an email-address is common place and
>> done by thousands of applications from mailing-list mangers, the
>> assignment of email-certificates, or granting access to web-sites.
>
> NAK, that's far from common, from four mail providers I used to
> know only one enforced submission rights (=> good reverse path,
> arbitrary header), and another - putting it mildly - implemented
> his own vision of 4409 8.1 (=> good reverse path with enforced
> matching 2822-From), offering the more common "whatever you say"
> for a small monthly fee (maybe to sponsor their abuse desk).
For any version of DKIM to realistically offer assurances of an email-
address, some form of account/email-address correspondence is
required. The version of the email-address policy suggested does not
required the assertion that the email-address is valid. However, an
ability to communicate when an email-address is valid, and have this
presented by a well-known and trusted domain will bring considerable
value to DKIM as a specialized service.
> BTW, I'm looking for interested folks helping to fix RFC 4409 8.1,
> and then push a derived 4409bis to STD (see rfc822 list).
I'll review that document and subscribe to the rfc822 list.
-Doug
More information about the ietf-dkim
mailing list