On 1/20/25 4:42 PM, Murray S. Kucherawy wrote:
I guess the reason I ask is whether there is actually some
immediacy to
this. It's been 20 years since DKIM came around and has been pretty
quiet as far as I know. If there is -- or at least some of it is
-- it
might be better to separate tasks that need to be immediately
addressed
so as not be boat anchored to things that can wait.
I wouldn't say it's been quiet. There's a trail from STD 76 littered
with abandoned drafts attempting to address one issue or another, but
none of them have achieved enough critical mass to reach publication
or broad implementation. I would agree though that there hasn't been
any urgency in all that time.
One way to look at this effort is that it's a collection of those
abandoned concerns all being addressed, finally, in one shot, with the
momentum of a handful of large operators.
I mean, I'd expect this to take 5 years at a minimum. The original took
about that and nothing much changed once IIM and DK were merged. That
and I wasn't being facetious about second system syndrome: with computer
engineering, there are those who have read Fred Brooks (rip) and those
who repeat the mistakes blindly (the rest of us repeat the mistakes
knowing better :).
But my larger point is that it might be better to divide and conquer on
the documents front. The "message changes" algebra seems like a
tractable problem -- it could just be a header that is signed by
whatever -- but other things like the so-called replay problem could
take years and then still flop. Requiring an entire package of changes
in one document could needlessly delay implementation and deployment of
the easier things.
Mike
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org