On Tue, Apr 14, 2015 at 7:56 AM, Stephen J. Turnbull <step...@xemacs.org> wrote:
> > If I misunderstood the proposal and it requires someone to be > > keeping a list of mailing lists used (either globally or by > > individual users), then I think this is not a good idea at all. I > > don't think any tracking/whitelisting design is going to succeed at > > scale. > > I can't speak for Murray, but I can't see that his proposal does. > Sorry, I've lost context. I assume you're talking about dkim-list-canon. You could apply it only when you know the mail is going to a list, maybe if you're worried about overall header size or crypto cost, but it's designed to be used generally. Since it's a signature that covers the whole message, it's not replayable (any more than basic DKIM is). Really, isn't the question whether Yahoo! and AOL are willing to do > *anything* to mitigate? We need some participation from them or it's > useless, and if at least one does participate, it's a win. What are > they willing to think about implementing? > At least one of them is subscribed, but I've no idea if they're actively monitoring. At the same time, I think the feedback we're getting from MS and Google is equally valuable, and they're active. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc