Steve Atkins wrote: > A lot of the controversy about SSP is based on > false positives - mail that was signed when sent but is not > signed when received. > > I know that various people have been looking at the cases where > that can happen, but I don't recall seeing any quantitative > results presented. If they have been, could someone point me > at them?
I wonder whether this issue might be amenable to resolution without worrying about empirical statistics. In other words: Perhaps one or all SSP settings require non-breakage along the path. If there is breakage, the mechanism is effectively disabled. In other words: Exactly how bad is it, for a legitimately signed message to fail the signature check and then be subjected to the usual vagaries of filter analysis? Similarly: Exactly how bad is it for an SSP I-Sign-All domain to have an unsigned message succeed through filters and get delivered? (I am tossing this into the mix, from the exchange Delany and I are having, about dictating delivery behavior.) I keep thinking that the fatal flaw to much of these discussions is our concern for perfect performance, rather than accepting that we won't get it and trying to make sure that errors are acceptable. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
