[ietf-dkim] A funny thing happened at RSA...

[Jim Fenton]

I was at Michael Barrett's (PayPal CISO) talk yesterday morning.  He 
said that the early gains they have made have been with DomainKeys, but 
said quite clearly that "the future is definitely with DKIM" (or words 
to that effect).

He said that Yahoo! had blocked 50 million messages allegedly from 
paypal.com as a result of the lack of a signature.

He said a lot about SSP (I didn't correct him on the name, but of course 
he means ADSP).  He had described the arrangement they have with Yahoo!, 
and how they would like to have such arrangements with a lot of other 
ISPs and how there many other domains like them that would also like to 
do so, and that SSP is needed in order to allow this process to scale.

I haven't read the whitepaper yet.

-Jim

Murray S. Kucherawy wrote:
> Sorry, I wasn't done yet.
>
> The main reason I wanted to share this with the working group is to point 
> out that we got some confused people at RSA asking us why we're going with 
> DKIM and not DomainKeys in light of the content of this paper.
>
> I wonder if it would be prudent to (somehow) make a statement clarifying 
> that the experiment therein described was begun before RFC4871 was issued, 
> and thus before DKIM enjoyed any kind of real deployment.  Or something 
> like that.  Ideally that would come from PayPal but I don't know that we 
> have any direct participation from them here.
> _______________________________________________
> NOTE WELL: This list operates according to 
> http://mipassoc.org/dkim/ietf-list-rules.html
>
>