On 1/11/25 11:55 AM, Murray S. Kucherawy wrote:
> First, and probably the most important: We're not updating DKIM.
> While this uses many of the core mechanisms of DKIM, this is doing
> something quite different and is not itself DKIM. Thus, we should
> plan to remove any language from the charter that suggests modifying,
> extending, or otherwise touching DKIM directly. Moreover, I don't
> think we anticipate, nor do we need to allow, any changes to the stuff
> EMAILCORE is currently working on.
>
> Second, a corollary to the first: We probably should call this
> something else. I'm fine if we take a bit of time to figure this out
> and continue the discussion here -- for that matter, the name of the
> thing we want to build here and the name of its working group don't
> need to coincide -- but let's at least agree on this point.
>
> Third, we need to acknowledge that there is a lot of new stuff here.
> DKIM has a long and well understood deployment history, but ARC
> doesn't, and although we've toyed with the ideas many times over the
> years, the notions of reversible mutations and signing a single
> envelope recipient per signature are almost completely untested. Now,
> I don't agree that this rises to the level of dispatching the work to
> the IRTF (and if I recall past conversations with them, I think they
> would agree), but we should be prepared for the idea that this is
> going to take a non-trivial amount of testing and iteration to ensure
> it doesn't fracture the ecosystem when deployed at scale. We're in
> the territory of the Great Debate(tm) around setting a high bar for
> Proposed Standard versus underscoring the word "Proposed" and letting
> things go while there may still be some rough edges.

Yeah, ok. See you in ten years, Second System Syndrome being a thing.
But at least correct the mistake of relying on DNS as the store for
keys. IIM proved that wasn't a problem and it was a mistake when we had
ample deployment experience that TLS wasn't a problem back then, and
certainly not now with QUIC and DoH. My fault, and I regret it.

Mike, now not particularly worried that harm is imminent.
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org