[ietf-dkim] Re: 1: 1 and assertions about third parties
johnl at iecc.com
Thu Jan 17 10:12:47 PST 2008
> My point is that there are different sorts of assertions: those
> suggesting that the receiver apply more scrutiny to messages from my
> domain are likely to be believable even if self-asserted,
Why? I see no reason to assume this is true.
The only practical evidence we have is that Paypal has told people through
informal channels that they sign everything and it's OK with them to
discard unsigned mail, but we already knew they're the biggest phishing
My expectation is that a large majority of domains that would publish
strict SSP policies would be small mail systems with no more forgery
problems than anyone else, but an exaggerated idea of their own
importance. Sort of like the people who send you mail, then demand you
jump through C/R hoops when you respond to it.
More information about the ietf-dkim