> > > >"We are part of bigger infrastructures than you ever will be and have >also thought long and hard about all this over a Kirk burger" is just >probably not going to provide many folks with the warm fuzzies they want >to have in their justifying making a choice to move forward with DMARC. >
I feel kind of insulted by this. There's a big difference between the areas of the spec that we know need broader consensus and the areas of the spec that we feel like we flushed out thoroughly. Identifying whether a given topic falls into one of those categories or the other goes a long way in terms of setting expectations around how open the working group will be to discussing it. We involved several very large financial institutions and a technical financial industry organization in our work to make sure their concerns were addressed. Speculating about concerns they may or may not have is not a constructive use of time as we already devoted several months to it. If you don't see the value of large scale data and experimentation, or the several years we devoted to it, or more than a year's experience running in it production at large scale, fine. The reporting component exists so that you can collect the data and make an educated decision for yourself as to whether you should use it or not. If you don't actually have a spoofing problem, and you don't see any value in the reports, then DMARC has nothing to offer you. No one is interested in trying to convince anyone to use DMARC who doesn't actually have the problem it tries to solve. Either you justify it yourself with the data provided, or you don't. > _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
