Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

Well John, we have some things to talk about, and it will have to be in public. You should remember that you blocked me from direct communication when I tried to start a side conversation about improving ARC. I conclude that I am one of the trolls that gets in your way, since I have been

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

Barry, This is wrong. He knows his post was not off-list. His defamation of my character is out of line. But he does it to those disagrees with. He is smarting than all of us. So nothing knew. Levine, editor of ADSP and the editor DMARCbis, needs to finally support DKIM Policy or give up

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

[[ rather off list ]] I think we all established a long time ago that the Internet that Hector uses is very unlike the one the rest of us use, and it's not worth arguing with him. That said, I really wish the chairs would shut down the trolls. They may not think they're trolls, but they are

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

On Sat, Apr 22, 2023 at 2:04 PM Hector Santos wrote: > > On Apr 22, 2023, at 12:58 PM, John Levine wrote: > > It appears that Jesse Thompson said: > > -=-=-=-=-=- > > A DNS-based lookup, perhaps in the style of ATSP as this thread is > describing, to query for not just domain-level

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

> On Apr 22, 2023, at 12:58 PM, John Levine wrote: > > It appears that Jesse Thompson said: >> -=-=-=-=-=- >> >> A DNS-based lookup, perhaps in the style of ATSP as this thread is >> describing, to query for not just domain-level authorization, but also >> potentially user-level

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

I am aware nobody is using ATSP. I have not seen an assessment of why nobody. The current implementation seems competitive with DKIM, which is my explanation for it's failure. Extending ATSP for user-to-domain, would address new functionality which addresses the large unsolved problem in our

Re: [dmarc-ietf] Definitely no Delegated authentication for Gmail

It appears that Jesse Thompson said: >-=-=-=-=-=- > >A DNS-based lookup, perhaps in the style of ATSP as this thread is describing, >to query for not just domain-level authorization, but also potentially >user-level authorization, I think is >compelling because it can: Once again, no. This is

Re: [dmarc-ietf] Delegated authentication for Gmail

Here is an scenario I long envisioned with high-valued services implementing a DKIM Policy model. Example: bank and a new online banking customer: Bank: "For online banking we need an email address for secured private email communications." User: "hmm, user.n...@esp1-domain.com

Re: [dmarc-ietf] Delegated authentication for Gmail

> On Apr 21, 2023, at 10:19 PM, Douglas Foster > > wrote: > > I mean something different. > > By "user-to-domain" I mean a DNS function which asserts: > When the message is signed by IETF, and the From address is my account, the > message is

Re: [dmarc-ietf] Delegated authentication for Gmail

On 4/22/2023 6:20 AM, Alessandro Vesely wrote: > Those kinds of sender-side authorization schemes seem to be designed for > ESP-like businesses, where a domain owner delegates Domain2 to send messages > on its behalf.  Using such schemes for mailing lists, thereby going down to > per-user

Re: [dmarc-ietf] Delegated authentication for Gmail

Those kinds of sender-side authorization schemes seem to be designed for ESP-like businesses, where a domain owner delegates Domain2 to send messages on its behalf. Using such schemes for mailing lists, thereby going down to per-user records sounds improper and bloats the amount of DNS stuff.