On 7/26/10 6:24 PM, J.D. Falk wrote: > I think it's because, when you implement most protocols, if your end is > broken then you can't even talk to the other end. With ADSP, if your end is > broken then you can still talk SMTP and even sign with DKIM, but the other > end may silently discard your message. There's no feedback. > It's not lack of feedback causing unsubscribes on mailing lists. Don't blame sysadmin for these problems. ADSP, as currently defined, is unable to accommodate informal third-party services when attempting to offer protection from phishing. Rather than adhering to the "practice" aspect of ADSP assertions, ADSP's "discardable" changed this into advice on message handling, analogous to the "-all" of spf. Avoiding use of subdomains avoids confusing recipients recognition of the trusted domain, where use of unprotected subdomains just shifts the phishing problem. There is no getting this right.
A vouching service is unlikely to offer a fix either. How would a vouching service know better than the Author Domain? I would not want to be on the hook when getting this wrong. It would be better to allow senders the latitude for getting this right, and making their own explicit determinations. We have the technology. :^) -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
