On Sep 12, 2006, at 10:59 AM, Hector Santos wrote:
hmmmmmmmmm, unless I didn't follow you right, I fail to see the
distinction or your point.
I get mail that pretends to be from my bank. The SSP says the mail
is 100% pure non-forged. However, the DKIM-BASE signing domain is
not in my list of trusted signing domains. I get a warning that
this mail could be sent by a party that I have no relationip with.
This may be a revolutionary concept to some, but a widely used
application called ssh has been using such tricks for 10 years.
Its approach to opportunistic authentication is not perfect for
purists, but it works for real people.
Having gone in circles twice, I think this is a good time to step
out of this thread.
That's fine by me Wietse, but keep in mind that you mistaken by
continuing to use a magic wand to change an apple into an orange,
by using reputation is part of the total solution when in fact, it
is suppose to be out of scope in this WG.
Hector,
You have completely missed what was being said. Where do you even
see the word reputation?
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
