[ietf-dkim] SSP sender expectations
hsantos at santronics.com
Tue Dec 4 09:11:46 PST 2007
J D Falk wrote:
> Wietse analogized:
>> DKIM and SSP have no more "enforcement" power than broadcast radio.
>> You don't know who "receives" the signal and you certainy can't force
>> them to do anything with it.
>> With the DKIM and SSP broadcast model, you can define the format
>> of the signal and its meaning. That's all. If you want to
>> control the receiver and "deny" mail, then you need a
>> fundamentally different model.
> The same could be said about email today, yet there's an entire industry
> built up around senders of email trying to convince receiving sites to
> treat their messages in particular ways. Senders of email /want/
> certainty, and what we've seen so far is that they'll leap on even the
> slightest hint that they're about to get it. SSP will be no different.
> On the other side, many potential implementors really really want to
> know that they can reject all unsigned mail from a particular domain.
> Seems to me that that's the important part here. I'm not sure anything
> else is going to matter.
+1, thank you.
I just wish the note, it isn't the idea of rejection per se, but rather
dissemination - i.e, getting a better handle of what is being received
to assist in any classification process.
If receivers are expected to go to the expense and extremes of adding
the overhead to watch and process DKIM messages, there must be a payoff,
a reason to justify it all. Conversely, the same is true for senders.
If they are going into the expense and extremes of carefully signing
their mail which now comes with some new ambiguous "responsibility" (not
to be taken lightly) they too would want to have a payoff behind it all.
Hector Santos, CTO
More information about the ietf-dkim