On Sun, May 10, 2015 at 10:40 AM, Stephen J. Turnbull <step...@xemacs.org> wrote:
> > This "How do we populate the set?" is "the registration problem". > > There are some implicit "safely" and "at scale" adverbs in there > > too, just for flavor. > > Sure, but even with the adverbs it's not a "problem" for per-message > delegation proposals like yours and John's. For those proposals, we > already have technology in place for incoming messages (eg, Gmail user > filters) which could easily be applied to collect information from > incoming messages (and optionally from the users) and add delegation > fields computed *per user* per *outgoing* message. It's a *task* with > *costs* that can be estimated, they're not outrageous, and they > provably scale because they're already implemented at scale (for > different purposes). > > Those costs may still be too big to be justified by the prospective > benefits, but we need to come to some consensus on protocols and how > much risk of abuse they entail before we can estimate benefits, and > compute benefit/cost ratios. > Right, that's also a benefit of the dual signature approaches: the decision can be made based upon the characteristics of each message, in theory, where having to consult with a registry via the DNS implies the relationship is established for all mail. In the resigning methods, the registry, if one even exists, is completely internal and detached from the protocol. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc