[ietf-dkim] 1359: ssp-requirements-01 // Outsource First Party
Signing concerns extended
stephen.farrell at cs.tcd.ie
Wed Oct 11 07:08:22 PDT 2006
That was agreed to be closed on the jabber session.
No-one spoke against that, so please consider this closed/rejected.
(Eliot - you can close it now, thanks.)
Douglas Otis wrote:
> There was some agreement on the list regarding considerations pertaining
> to who should receive the abuse feedback enabled by the DKIM signature.
> When a designation scheme is considered, then this feedback
> consideration becomes far more significant. Some assume the signing
> domain will accrue a reputation for unsolicited commercial email, but
> this overlooks limitations in the DKIM protocol making such
> accountability impossible.
> While DKIM may provide a means for accruing a list of domains that
> either do or do not phish, it does not provide a means for accruing a
> lists of domains that do or do not send unsolicited commercial email.
> As a result, accrual of reputation for general acceptance will continue
> to be done by the IP address of the SMTP client. This consideration
> significantly alters assumptions regarding which domain should be
> signing the messages, and what role domain designation might play.
> NOTE WELL: This list operates according
More information about the ietf-dkim