On Mar 9, 2009, at 5:00 PM, Stephen Farrell wrote: > On 9 Mar 2009, at 22:47, SM <[email protected]> wrote: > >> At 14:17 09-03-2009, John Levine wrote: >>> I sign all my mail, but there's no way I can say that with ADSP. >>> In its current form, ADSP is broken and useless. >> >> Given that one of the authors of draft-ietf-dkim-ssp-09 states that >> ADSP is broken and useless, is it worth publishing it on the >> Standards Track or even asking for publication? > > Firstly, we're not authors in the sense of being personally > responsible for each word - the ability and willingness to write > something with which you disagree is laudable in many cases and in > this case. Secondly, I don't think anyone would accuse John of a > chronic tendency to understatement. So, no I don't believe his > statement has any such implication,
Being in agreement with both John and SM, why is it reasonable to ignore this statement? Starting off with bad definitions is likely to forestall ADSP benefits. Additional security is less likely to be achieved when ADSP signature definitions are impractical, or reduce delivery integrity. Barry's suggestion to move ahead with ADSP seems unwise in light of recent discussions of how one should interpret ADSP definitions, and the i= value in particular. Requiring two signatures for compliance is just wrong. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
