On Jun 5, 2014, at 4:22 PM, Terry Zink via dmarc-discuss <[email protected]> wrote:
> Doesn’t this come back to the whitelist idea? For the green bar SSL certs > (Extended Validation), the certs have a bunch of information encoded in it, > and the browsers have a list of CA’s that they trust. AFAIK, the only way to > do that for email is through DKIM but you wouldn’t highlight all DKIM-signed > email, only DKIM-signed email that you trust which is compared against a > whitelist. > > -- Terry > You could just show the domain in green on the MUA, to show that this email is successfully DMARC authenticated by the domain and the domain as strong DMARC policies (p=reject). I feel it should show the UTF8 version as well as the puny code version…. No need of a CA. Spammers could use DMARC too, but it is about authentication/attribution not about reputation. It seems to me the DMARC spec, should contain strong advice to MUA. MUA developers do read RFCs, otherwise they would never have done POP/IMAP...
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
