----- Original Message ----- From: "Jim Fenton" <[EMAIL PROTECTED]>
>> I think the way we all expect to use DKIM is that a message >> comes in, we check the signature, then we look up the signing >> domain in some sort of reputation system, be it a local >> whitelist or something fancier, then if the reputation is >> good we accept the mail, if it's bad we reject it, and if >> there's no reputation, we fall back and do what we would >> have done otherwise. > Agreed. Jim, You are kidding? Right? Do you really agreed with this? This is contrary of your SSP proposal. The above is not the chartered proposal. I hope we don't get lost into some undefined reputation concept. IMO, DKIM will not widely adopted with a "Batteries Required" concept. It will be nice to keep the protocol sweet and pure. I suggest we try to keep away introducing a reputation system into the algorithm. It can always be added separately and independently. But as a protocol, I don't think it will be widely accepted for a few simple reasons - What Reputation System? Whose Reputation System? What is the "Fancy System?" Will it become a 3rd party central repository? Will there be a buy-in fee? Republican vs. Democrats?, etc. It is going to very hard to justify further support when we now have to begin promoting 3rd party A/R into our product lines. If that is what you want to do, go for it, but its not the proposal and charter - it is not DKIM nor your SSP proposal. I would like to ask the chairs to set the record straight. If a reputation system is part of the proposal, charter, I would like to know this ASAP. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ ietf-dkim mailing list http://dkim.org
