> -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Daniel Black > Sent: Wednesday, August 18, 2010 7:00 PM > To: [email protected] > Subject: [ietf-dkim] marketing dkim > > I've got a presentation slot for DKIM at APNIC next week to a bunch of > ISPs. > > My current plan for a talk is: > * DKIM is a really well developed standard for signing email > * Combined with ADSP=discardable it can filter email at ISP gateways > without > too much fear of unduely lost email > * BUT otherwise its useless in its current state.
That doesn't sound much like "marketing" to me... I would focus on the fact that it, in addition to being a mechanism to thwart forgeries, is a framework for providing things like domain reputation. It's an important layer enabling other very valuable things. Lots of enabling technologies are by themselves not especially useful, but that doesn't mean they aren't critical. > So DKIM is at a state where there is no offering of filtering advice > beyond > the theoretical discussion in RFC5863. The current mailing list > approach: > > MLM behaviors are well-established and standards compliant. Thus, > the best approach is to provide these best practices to all parties > involved, imposing the minimum requirements possible to MLMs > themselves. > > is rather defeatist and limits the encouragement for DKIM-Friendly > lists. Accepting the realities of a situation seems to be more practical than defeatist. The email world is loaded with software inertia. Working with that as a guideline is the best way to get something accomplished. If we're surprised by the absence of that inertia, things can only get better. > For reputation service providers the assumption that mail serivce > providers > are going to deploy DKIM for the benefit of reputation service > providers seems > a little hopeful considering their costs. Don't misunderstand me, > domain > reputation has a role in spam reduction and DKIM contributes to this, > there > just needs to be more benefit to the sender/receiver without it. I read this as saying "We need reputation for really effective filtering," which is completely true. I think a positive spin here would be much more likely to draw support; using words like "useless without" will do more to discourage your audience than encourage it. > At the end of the day the future I currently see for DKIM is the same > as SPF. > Some will deploy it but at the end of the day there will be no-one > filtering > on its results because of its deficiencies (MLM). The progress of > deployment > will stagnate in the same way as spf because there is no filtering: > (compare http://web.archive.org/web/20080130150257/http://spf-all.com/ > and > http://spf-all.com) Jeez, what's the intent here? Are you trying to get people excited about DKIM or convince them not to bother? > Please tell me where I'm wrong. I don't see nice thing to say to these > regional ISPs except that DKIM is useless until a clearer policy > framework for > filtering is available to everyone. If I, as someone excited about DKIM and what it can enable, were invited to speak someplace while this was my general disposition, I would politely decline to present anything at all. -MSK _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
