[mail-vet-discuss] secdir
review ofdraft-kucherawy-sender-auth-header-11.txt (fwd)
Dave Crocker
dhc at dcrocker.net
Thu Jan 31 22:41:14 PST 2008
My reading of the review is that, so far, the reviewer is actually being
reasonable.
They are calling for very careful statement of scope and utility. And, yeah, a
bunch of frankly pro forma caveats. But the substance seems to really be about
clarity and precision, rather than perfection, uselessness, or the like.
d/
J D Falk wrote:
> [redacted] advised:
>
>> In spite of my qualms, I recognize that spam is a huge
>> problem and that email authentication is a somewhat effective
>> tool against it. Some of the problems described above are
>> very hard to solve but many can be addressed easily.
>> If there is rough consensus within the email community that
>> standardization of this header is beneficial, it should go
>> forward.
>
> *whew*
>
> Reading this, I was getting worried that the entire thing would be
> blocked forever (or until email authentication is 100% perfected for all
> use cases, which may take even longer than that.)
>
> Sounds like there'll need to be a whole bunch of statements about how
> this header is only as secure as your existing email infrastructure, and
> if your network is totally pwned then this header will probably be pwned
> too.
>
>
> _______________________________________________
> NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
>
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the mail-vet-discuss
mailing list