No one has shown that open ended unrestricted DKIM-BASE 3rd party signing
engines are safe and exhibit no open harm to original domain owners.
So where is the guessing?
a) Unrestricted DKIM-BASE 3rd party signatures are safe?
Or
b) Optional Controls for DKIM-BASE 3rd party signatures will help
secure 1st party signatures or 1st party expectations?
If there is a desire to not do any more work in the area, then in my
opinion, there is a burden to show there are no viable threats of major
concern for 1st party domains in an unrestricted DKIM-BASE 3rd party signing
(by anyone) environment.
If that can't be shown, then all that is being done is guess work too and
also guess work about what's good or ok for original domain properties
owners.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
----- Original Message -----
From: "Michael Thomas" <[EMAIL PROTECTED]>
To: "Scott Kitterman" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Thursday, August 24, 2006 10:10 AM
Subject: Re: [ietf-dkim] Delegating responsibility: a make vs. buy
designdecision
> Scott Kitterman wrote:
>
> >There are domains out there that cannot do the NS delegation trick.
> >
> >
> Today. Whether there are any alternative tricks that they can perform is
> speculation. Given what I've seen proposed, I see no reason for
> encouragement.
> What we do have a good chance for is to screw the pooch by wasting a huge
> amount of time engineering to guesses.
>
> Mike
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
