----- Original Message ----- From: "Michael Thomas" <[EMAIL PROTECTED]>
> I'm afraid that this is a pretty fundamental misunderstanding > of what dkim-base does and does not provide. DKIM-base does > not say whether a given message is valid: that is not > something that it can say with any accuracy. It does > provide a mechanism for a receiver to determine whether one > or more dkim signatures are valid. How those (in)valid > signatures are evaluated by the receiver is out of > scope of the protocol. Sorry Mike, I prefer not to rehash all of this because it is already obvious people will read only what they want to read, twisting or turning the way they want it, filtering out the rest, etc. I'll wait until the next draft leaving you with this: By far, the industry direction for security is to preempt failure and problems before passing the buck to the user. There is no question this is the direction across the board in the security market simply before we have a long history to know the other ways did not work very well. You can try to force an one-sided meaning into what you think DKIM-BASE should be but rest assured if its doesn't SOLVE a problem it won't be used and if it creates problems, people will take matters into their hands. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
