On Wednesday, June 11, 2014 6:33 PM, Alessandro Vesely <[email protected]> wrote:
> Or am I missing something? delegated domain inclusion in DKIM-D header is optional, and considering it requires some kind of whitelist from which its to draw a list of domain it should include, compared 2 those it should not, it is most probably not gonna be used. not to speak that creation of such a whitelist is whole another problem. if u instead, make it automatic, for example, putting To: domain into DKIM-D header automatically while message is signed, then u have an open hole of spoofing such message by any user of, for example, ESP which was in original To:. so, u again need 2 fall back to whitelist. now comes the question of why r we doing whitelisting in headers, solving only a small portion of the DMARC-excluded email, when we could do whitelisting in ASL, and deal with the problem in a much broader way? if we r doing whitelisting, it should be done properly, not with aidband like DKIM-D. > Beg your pardon, but I don't think you mean age/sex/location. What is ASL? Aligned Sender List... or Allowed Sender List, we r still debating about the name. Hector Santos introduced it some time ago, as a 3rd party solution for DMARC. it is still being worked on, but it's much more promising than DKIM-D. i simply prefer it over any header mumbo jumbo: 1. has no spoofing elements like DKIM-D, 2. can always survive message path, unlike anything header based, 3. provides much wider support for 3rd party than just ML. -- Vlatko Salaj aka goodone http://goodone.tk _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
