There was a recent press release on the spf web-site:
http://www.openspf.org/Press_Release/2007-04-21
I found it by accident[1] last Sunday. It looks fairly important to me:
US Financial Services Industry Group Endorses SPF
April 21, 2007 — BITS, a nonprofit industry consortium formed by
many of the largest financial institutions in the USA, has
announced their BITS Email Security Toolkit white-paper,
describing "protocols and recommendations for reducing the
risks" in institutions' e-mail correspondence, addressing
prominent problems such as identity forgery and phishing
(password fishing). BITS held an industry e-mail security summit
in November 2006, which developed these recommendations. The SPF
Project participated in this summit.
That's just the first paragraph. I read the white paper and although
there is much discussion of Sender ID[2] as well as SPF, there is no
mention of Sender ID in the recommendations.
--
--gh
[1] Followed the link in James Turnbull's April 8th post.
[2] Microsoft has patents for this and their licensing policy is not
acceptable to some open source groups (Open SPF has links to both Apache
and Debian statements, fwiw).
