--On 23 June 2010 13:09:30 +0000 [email protected] wrote:
> Since Amazon set it up in the first place, wouldn't they be keenly aware > of the service signing issues? Well, if they're using ADSP, then they have a chance. But it's going to be difficult for them to keep track of the third party assertions made about their services. I think it's worse to drop mail because Amazon are no longer doing what some third party thought they were doing, than it is to drop mail because Amazon published incorrect records. I might find some value in a list that asserts "You can trust the ADSP records for these domains...." than a list that asserts "These domains always sign their email..." > > Mute point if they understand what they are doing. > > > Regards, > Damon Sauer. > > Sent from my Verizon Wireless BlackBerry > > -----Original Message----- > From: Douglas Otis <[email protected]> > Sender: [email protected] > Date: Tue, 22 Jun 2010 17:37:26 > To: <[email protected]> > Subject: Re: [ietf-dkim] New Version Notification for draft-levine-dbr-00 > (fwd) > > On 6/22/10 5:07 PM, John Levine wrote: >> Not quite, it's a third party's assertions that are somewhat but not >> really like ADSP >> >> As far as I know Amazon doesn't make any ADSP assertions, but it is my >> impression that they sign all their transactions with DK or DKIM, and >> they're certainly a phish target, so it would be reasonable to drop >> unsigned Amazon mail anyway. >> > What happens when Amazon has a service using a parent signature? As a > result of a third-party vouching service, their messages might be > discarded, and they won't become aware of the issue until damage is wide > spread. TINLA, but it seems having a service advocating for the > discard of someone elses's email could be a liability. How does one > determine whether a vouching service is authoritative for the domain in > question? Please don't say use another vouching service, because the > issue is _who_ should decide whether a message must have a valid > Author-Domain signature or be discarded. > > -Doug > > > > > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
