----- Original Message ----- From: "Michael Thomas" <[EMAIL PROTECTED]> To: "Hector Santos" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[email protected]> Sent: Monday, August 07, 2006 1:53 AM Subject: Re: [ietf-dkim] How to reconcile passive vs active?
> Hector Santos wrote: > >> >> Even then, the main issue are the potential damages that are being ignored. >> My wife said it best when asked why even the BIG companies like WALMART, >> YAHOO, CISCO, AOL.COM, BIGBANK should also support strong policies: > > I can say with little hesitation that Cisco will never publish the "strong" > policy as envisioned by Mark for our user population. I'd be interested > to hear from Mark whether Yahoo-inc ever would for their corporate > users. I agree 100% with you that most likely the larger big companies broadcasting mail to outside would may not have strong policies. (But will your customers who are using Cisco Products wish to have the option to use of strong policies?) Unfortunately, this is exactly what I am afraid of. This is exactly what the bad guy would hope as well. That's the problem. Figurely speaking, there are only a "handful" of big companies, there are hundreds of thousands if not millions of smaller companies which make up the majority of the internet. The big companies of the world, using relaxed signature policies or basically as DKIM-BASE only system, made to only work with augmented reputation systems, the bad guys will use this DKIM-BASE only concept against everyone else, the majority of the world which is made of the smaller systems. My wife, the lay person, the "Everyday" person, a user of these products, said it best. If the "CISCOS" are going to allow the low cost issues go by, it will be the little guy will be feel the blunt of these low cost issues which matters to them. The other side is this? Will you support the checking of policies for fraudulent mail coming into CISCO? -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
