[ietf-dkim] SSP is the Sender Signing Practices,
not the Sender's accreditation
steve at blighty.com
Thu Nov 9 09:10:00 PST 2006
On Nov 9, 2006, at 8:34 AM, wayne wrote:
> As Wiestse recently said, much of this discussion has been gone over
> many times and already archived. From what I can tell, he seems to
> think this all implies that the usefulness of SSP has already been
> discussed and dismissed, and is wondering why these points are being
> raised again. I see just the opposite, I see it as having been
> discussed and understood where it can be useful and am wondering why
> these points are being raised again.
> Several others have cast doubt on the usefulness of SSP because it
> doesn't solve the phishing problems, especially the look-alike domain
> stuff. I see this as being a red-herring. SSP is not designed to
> solve the phishing problem.
Yet that is the use case that seems to keep coming
What is the real use case for SSP, in your opinion?
Not an abstract "well, the sender says they sign mail
and this mail isn't signed, so it's bad" sort of thing, but an
actual real-world example.
I think that would go a long way towards shining
some light on the goals, the current state and the
spaces between them.
More information about the ietf-dkim