Murray S. Kucherawy wrote: >> Hector wrote: >> >> No Murray. But perhaps someone should be because the responsibility is >> now once again shifted from the passive 3rd party signer back to the >> visible 1st party 8222.From equal d= domain transaction. As far as >> the potential millions of potential receivers are concern, the Author >> Domain is once again responsible for signing the message. > > And rightly so, in this scenario. But even if it's a visible > third-party delegation, now the From: is associated with a third-party > and a bad signature. Are you saying that's better? If so, based on what?
If anything Murray, traceability - verifiers and assessors would know who is the responsible signer and it isn't the principle author domain. In the advent of this anticipated new reputation scoring market, it would be the primary domain at risk - not the passive 3PS service. The 3PS domain is protected from harm while collecting the bucks. :) >> Worst, when the signature fails, the wrong domain brand and unknown >> reputation scoring across receivers is negatively hurt. > > That would be a poor implementation. A failed signature is supposed > to be treated as no signature. But why would not a national food/entertainment store chain (one you would know of if you have/had kids) outsourcing their "Get free tokens" and coupon spams to their few million subscribers be concern or at least find out if their payoff is being minimized or could be potentially minimize in the near future with these faults? Hence we back to the policy question again. I always felt this RFC 4871 mandate - a policy mind you in its own right, was molded because of SSP and remained when SSP was split from DKIM. But the more we deemphasize policy, the more pressure we have to keep broken signatures for "reputation" or heuristic assessors and worst, design pressures to consider the even more drastic changing the 5322.From to match the last signer in the mail path either because of ADSP or to provide the "positive appearance of 1st party mail." Its a vicious cycle. We'll figure it out one day. :) -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
