[ietf-dkim] RE: I think we can punt the hard stuff as out ofscope.
hsantos at santronics.com
Sat Jun 9 05:29:06 PDT 2007
John Levine wrote:
>> Would it help the discussion if large deployers of DKIM expressed their
>> opinions on nomail? (Again, they could express their opinions and this
>> item could still be held for later.)
> If nomail is indeed the most useful SSP-ish assertion, which I agree
> it is, it might make sense for people who care about it to go work on
> moving MX . (or some other pure nomail approach) along the standards
> track rather than getting entangled in SSP.
-1. IMO, I don't see any entanglement and it would be far easier to
implement this via a new SSP protocol rather than begin changing the
long time semantics of MX which IMO has a far greater chance of not
> One killer problem of putting nomail into SSP is that if example.com
> publishes a nomail SSP, and sends signed mail, there is no agreement
> at all here on which one you believe.
The same can be said when he declares "I ALWAYS SIGN" or "I NEVER SIGN"
and sends unsigned or signed mail anyway, respectively.
Should we believe him? Where you do draw the line?
In either case, it is an easy decision. Its the fault of the domain.
Hence, as always, the domain bears the consequences of its mistakes.
Hector Santos, CTO
More information about the ietf-dkim