[ietf-dkim] portable reputation
dhc at dcrocker.net
Thu May 29 09:20:40 PDT 2008
John Levine wrote:
>> One thing we hear a lot about in other contexts is reputation
>> portability. If paypal were to create a new service, it would want
>> to borrow from its reputation.
> Reputation portability is indeed important, but I don't see why one
> would want to implement it by default fuzzy domain matching, with all
> the phish vulnerabilities that opens up, particularly when DKIM
> already provides straightforward workable ways to do it.
Typical discussions about reputation portability have been based on use of IP
Addresses. The need for portability is due to being forced to use different
IP Addresses. Using domain names as identifiers changes the entire game. For
one thing, it permits the reputation to be based on a far more stable identifier.
To whatever extent we want reputations to be able to be "portable" we need to
make sure it does not conflict with desires to keep them separate.
More information about the ietf-dkim