----- Original Message -----
From: "John Levine" <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2006 12:48 PM
Subject: Re: [ietf-dkim] The basic problem with SSP

>>2. I don't care about the breakage and I'd prefer you
>> reject unsigned mail.
>
> Not to put too fine a point on it, but the fundamental question here
> is why should the recipient care what the sender claims he prefers?
>
> Anytime you send e-mail to someone, you're basically asking them to do
> you a large favor by investing the effort to accept and deliver it.
> Senders don't get to set rules about what recipients can do.

If that's the case, then explain why receivers should bother processing DKIM signature mail? What's the purpose? Why should it handle GOOD signatures differently than BAD signatures, and vice versa? Where is the payoff? Are we just looking for the "GOOD needle in the Haystack?" What about the rest of the non-compliant DKIM junk?

Why should EVERYONE be required to do required non-standard reputation batteries to work with DKIM-BASE? Whose batteries should we use? Yours? Some other?

As it is now, 99.99% of the systems out there ignore DOMAINKEYS messages. What is it about DKIM that will change this and make a wide adoption begin to process DKIM? Again, where and what is the payoff? If it isn't about SPAM, then what is it for?

By world wide industry measurements, 80% of the transactions are non-compliant. Is DKIM going to reduce this, increase this?

And even if BIGBANK.COM or ANYBRAND.COM finds that DKIM+DAC works for its exclusive social network, how will BIGBANK.COM protect itself against domains that don't subscribe to DKIM+DAC?

You are 100%. You can't dictate how receivers are going to behave, but you are talking a big game about how systems should work with MUCH LESS, using only just DKIM-BASE plus some other non-standard idea that was invented by TWO people, not put thru any IETF process.

I have absolutely NO reason whatsoever to support DKIM-BASE to PROCESS the GOOD. But I have good reason to process the non-COMPLIANT, and that includes DKIM-BASE if I see that it will become exploited, which, based on our product history in the mail market for a WIDE range of customers from SMB to LARGE, I see DKIM-BASE only with open-ended 3rd party APPLIANCE signings opening a lot of cans of worms.

SSP to me is about Failure and Non-Compliance of the DKIM-BASE signature process - an AUTHORIZATION concept. Mail that passes the test is still untrusted and can be further processed using traditional AVS tools. But if you can eliminate a population of new world order of NON-LEGACY transactions based on non-compliance, then that is what I will be implementing into our software.

SSP is about mail filtering by DKIM Policy Osmosis.

---
Hector Santos, CTO
Santronics Software, Inc.
http://www.santronics.com
Wildcat! Interactive Net Server

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
