Doesn’t this come back to the whitelist idea? For the green bar SSL certs (Extended Validation), the certs have a bunch of information encoded in it, and the browsers have a list of CA’s that they trust. AFAIK, the only way to do that for email is through DKIM but you wouldn’t highlight all DKIM-signed email, only DKIM-signed email that you trust which is compared against a whitelist.
-- Terry From: dmarc-discuss [mailto:dmarc-discuss-boun...@dmarc.org] On Behalf Of Murray S. Kucherawy via dmarc-discuss Sent: Thursday, June 5, 2014 4:09 PM To: John Levine Cc: dmarc-discuss@dmarc.org<mailto:dmarc-discuss@dmarc.org> Subject: Re: [dmarc-discuss] DMARC thwarted already? On Thu, Jun 5, 2014 at 3:34 PM, John Levine via dmarc-discuss <dmarc-discuss@dmarc.org<mailto:dmarc-discuss@dmarc.org>> wrote: We might, but we probably wouldn't, since there's no reason to assume that typical users understand the security implications of mail addresses and domain names. Also, considering that there is approximately an infinite number of ways to write something that looks sort of like some other thing that people are expecting, this approach is bailing the ocean with a sieve. It might work better to flip things around and try highlighting the good stuff. Green bar SSL certs are an example of this approach. +1 here too. As another data point, we long ago abandoned the idea of using DKIM to identify undesirable content outright and instead focused on using it to identify good stuff. That seems to be a much more productive discussion. -MSK
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)