[ietf-dkim] DKIM+ADSP = FAIL, and it's our fault
hsantos at isdg.net
Tue Sep 14 12:54:30 PDT 2010
J.D. Falk wrote:
> ...but not for the reasons the anti-ADSP folks keep bringing up.
> DKIM is failing because every discussion about actually /using/
> DKIM inevitably gets stuck in the same old argument about ADSP.
Should you tell you something. Ignorance doesn't work either.
> Doesn't even matter what the argument is about anymore; it stops
> all forward progress every time. And we keep letting it happen --
> actively participating, even, including me.
The problem was that we allowed an author who never believed in policy
to take over SSP, removed all the 3rd party considerations and renamed
it ADSP. But he thought that would kill all the 3rd party signer issues.
> Continuing to argue these same points over and over is disrespectful
> of our colleagues both on and off this list, and of the IETF process.
So what you really asking if POLICY in general should be throw out,
disrespecting all that that believe it would be useful?
> So I'm going to stop, and I beg you all to join me.
And this this has been the problem, shut policy advocates using
Consensus by Osmosis - that hasn't worked either, maybe it should tell
> Stop arguing, and start writing drafts.
We did. DSAP and TPA and SSP was written. Policy opponents killed
those efforts. Two RFC standards were written for the Policy
functional requirements and Threads Analysis which included Policy
considerations. Policy opponents killed those which to ignore the
security concerns with unrestricted resigners.
The issue it doesn't go away.
Murray drafted the MLM I-D and that still isn't acceptable by the
> Let us discuss the drafts instead of attacking each
> others' intractable positions for the Nth time.
You promise not to attack Policy Advocates if they reintroduce new or
rehash 3rd party signer protocol I-Ds?
> Yes, I know it requires more effort, but what we've been doing
> so far clearly isn't working.
That I agree - opening minds on 3rd party signing issues might help,
or perhaps getting a new editor for ADSP to fix its bugs might work too.
Either way, you have to open your mind on POLICY otherwise it is a
waste of time, but the issues don't go away.
Moving DKIM to experimental status might work too until we figure out
how to add a protocol protection security layer to it. It doesn't
Hector Santos, CTO
More information about the ietf-dkim