----- Original Message ----- From: "Jeff Macdonald" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>
> Dave, > Thanks for the response. So just implementing > http://mipassoc.org/dkim/specs/draft-allman-dkim-base-00-10dc.txt > without SSP is considered a valid DKIM implementation? For the list IETF record, If true, I believe quite strongly, with the hat of a senior software engineer, find this highly irregular premature promotion of an unsafe non-standard. If Steve Atkins assertion is true and early adopters will be bulk mailers and distributors, just consider the impact that it will impose of SMTP receivers who will undoubtedly find issues with guaranteed to occur mix policy exploits with no SSP verification protection. Systems will take matters into their own hands, ignore it or use DKIM signed mail against the bulk mailers thus reducing DKIM to yet another wasted bandwidth contribution to the net. Worst, advanced derivatives that secure DKIM protocol will surely emerge. In my opinion, any good actor member of the bulk mail community or DMA will be risking their reputation and mail distribution operations with a DKIM only concept. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ ietf-dkim mailing list http://dkim.org
