[ietf-dkim] Srsly.
Douglas Otis
dotis at mail-abuse.org
Wed Jan 23 17:34:09 PST 2008
On Jan 23, 2008, at 4:36 PM, Dave Crocker wrote:
> Michael Thomas wrote:
>> Actually, I don't think that Ellen's business model needs to change
>> all that much: she needs to have her customers delegate her a
>> selector so that she can sign on their behalf.
>
> There's quite a bit of history in pursuing that alternative. It's
> viable in some cases and infeasible in others.
>
> While it makes sense to have the delegation, if the agent is
> intended to get the mail delivered based on the reputation of the
> author, it does not make sense if the reputation of the agent is
> relevant.
Agreed. Efforts establishing a domain delegation or maintaining
customers' keys and selectors may greatly impede acceptance from a
business perspective. Security breaches of providers holding many
customer keys may further impede DKIM acceptance when wrong domains
are accused of signing abusive messages. TPA-SSP offers a solution
that benefits delivery with the reputation of either party, ensures
forensics will locate the culpable or compromised domain, without
altering normal DKIM signing operations.
-Doug
More information about the ietf-dkim
mailing list