[email protected] wrote: > Daniel, > DKIM signing clearly defines who takes responsibility for > signing an email
Responsible for what? Can I get sued when something goes wrong? > ADSP is only useful if it is implemented by draconian senders > like financial emailers who really really want all malformed > dkim signatures to be dropped regardless of consequences Draconian? Maybe they don't to get sued when the new signer ignorantly ignores policy and resigns the mail thus passing the responsibility buck. You know the "You break, you own" pottery principle. PAYPAL was pretty smart to put a official RFC sanctioned technological disclaimer out there. > There is NO filtering usefulness using DKIM as it is > not reputation based. It does give one the ability to slow > down spoofing. If the signature matches then indeed the sending > ISP did in fact send it But what if it didn't match? Do you continue sending potentially spoofed mail? > Now why would anyone make time to evangelize against a > protocol at a conference is beyond me unless it was SPF :-) Maybe because for so long everyone heard about how great DKIM is, with years of no real proof or payoff shown, and now the conference sponsors decided to add an opposing viewpoint or a viewpoint that might suggest where there might be a payoff with DKIM. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
