In article <[email protected]> you write: > > >--On 23 June 2010 13:09:30 +0000 [email protected] wrote: > >> Since Amazon set it up in the first place, wouldn't they be keenly aware >> of the service signing issues? > >Well, if they're using ADSP, then they have a chance. But it's going to be >difficult for them to keep track of the third party assertions made about >their services.
Are you making the assumption that all third party lists would be equally credible? That's no more likely than all DNSBLs being equally credible. In both cases, the good ones will make sure their data is correct, maybe by backchannels to the underying providers (see the Spamhaus PBL for an example of that) or by some kind of feedback watching the mail they make assertions about. The bad ones won't do that, and won't be useful. (See any number of useless poorly run DNSBLs for an example of that.) I'm not attempting to invent a way to ensure that all assertions are correct. It's a way to collect assertions into small enough groups that it's practical to do manual checks of the credibility of each group. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
