+1. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com
Steve Atkins wrote: > On Sep 14, 2010, at 12:35 PM, J.D. Falk wrote: >> Yes, I know it requires more effort, but what we've been doing so far >> clearly isn't working. > The problem is that the two things have badly conflicting requirements. DKIM > is based on a domain-based identifier that's independent of the From: domain, > and that's where much of it's value comes from. ADSP is based on a > domain-based identifier that must remain identical to the From: field at all > times, and that's where it's sole value comes from. ADSP intrinsically > conflicts with the original design case for DKIM, despite being piggy-backed > on to it. > > So any document that puts forth even basic good practices for DKIM usage for > monitoring sender reputation (use d= to differentiate mail streams) is going > to be anathema to ADSP requirements (d= must be the same as the From: domain). > > And any ADSP-driven set of requirements (mailing lists should not only > re-sign any mail they re-send, they should alter the From: address to match) > is going to be considered nonsensical by people who consider DKIM a way to > tie an identity cookie to a message. > > And, as we've seen, any compromise document is hated by pretty much everyone, > even assuming you can get there. > > Cheers, > Steve > > > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html > > _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
