[ietf-dkim] A perspective on what SSP is attempting
Michael Thomas
mike at mtcc.com
Fri Dec 7 14:24:18 PST 2007
Eric Allman wrote:
>> SSP is one organization's attempt to tell another
>> what it should do with mail that is from a third
>> organization.
>
> You left out an important part of what SSP should (in my opinion,
> completely legitimately) try to do:
>
> SSP is one organization's attempt to tell another what it
> should do with mail that is from a third organization that
> claims to be from the first organization.
>
> Of course, SSP also includes guidance on unsigned messages.
That and "organization" gives a lot more legitimacy to the kind of
third parties that SSP is trying stop. But this whole formulation is
problematic though. Better is:
SSP is an organization's attempt to *inform* receivers what its
practices are so that receivers can make better disposition decisions
about mail purporting, but without DKIM substantiation, to have
originated from that organization.
Mike
More information about the ietf-dkim
mailing list