[ietf-dkim] 1365 yes/no
Hector Santos
hsantos at santronics.com
Thu Mar 1 00:29:24 PST 2007
Hallam-Baker, Phillip wrote:
>> Subject: Re: [ietf-dkim] 1365 yes/no
>>
>>
>> On Feb 28, 2007, at 2:23 PM, Stephen Farrell wrote:
>>
>>> issue #1365 calls for eliminating requirement
>>> 6.3.2 which says:
>>>
>>> " [PROVISIONAL] The Protocol MUST be able to publish a Practice
>>> which is indicative that domain doesn't send mail."
>>>
>>> If you want to eliminate that requirement say: +1 If you
>> want to keep
>>> that requirement say: -1
>
> +1 its out of charter scope
I've heard you say this a few things, and I've been begging to ask
because I'm scratching my head over how its out of scope?
This POLICY and among others have been part of the design
discussions/debates process since the beginning with the original SSP
specs, the current SSP specs including my own DSAP and most importantly,
it being already MODELED in published DKIM/SSP open source software.
Not wanting it is one thing, but saying its out of scope, I would
disagree with that for one simple reason: Bad guys will most likely
randomly use domains with fasimilies of 3rd party signatures. If a
domain doesn't send mail, not only will this policy indirectly protect
the domain but also directly reduce the abuse on the receiver.
In my view it is extremely powerful policy with a very high payoff.
--
HLS
More information about the ietf-dkim
mailing list