--- On Sat, 10/17/09, G. D. Fuego <gdfu...@gmail.com> wrote:
> DKIM is optional and not widely implemented.
.snip.
> Of course none of this matters unless we could coordinate a
> shift off of smtp, which would likely be about as fast as
> the IPv6 migration unless there was a simple migration path.
This is the most important piece (more important than technical elegance): the
willingness/ability to adopt the solution. IPv6 adoption is glacial/dead
because nobody gives a squirrel's heinie about it, the same will be true for
every mail solution that doesn't give people an intrinsic jolt of GS
(Gottahaveit Syndrome).
IMHO, a sender-authentication system that runs over SMTP and allows at least
*some* mail to be highly-verifiable as known-good - and that was easy to adopt
at the user level - could spread like wild fire and drive adoption and
refinement thereby reducing the value of spam to near-zero. (fwiw I think this
would require some amount of strong auth to work at all)
An outright replacement system for SMTP as a whole strikes me as extremely
unlikely. The amount of inertia to push against dictates that the alternative
would have to be outrageously beneficial and that benefit would have to be
overwhelmingly demonstrable or it would never be able to build the necessary
momentum.
-chris
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
