On Tue, Jun 2, 2020 at 11:01 AM Dave Crocker <dcroc...@gmail.com> wrote:
> Your comment implies that what is displayed to the user is important in > anti-abuse efforts, but there is no data to support that view, and some > significant data to support the view that that's wrong. (cf, the > extensive literature review that was done during early BIMI discussions.) > That's a curious assertion given all of the energy that's gone into complaining about but never really resolving the "display name" problem over the years. I thought that was a key part of the vector of many successful phishing attacks. I suppose it's possible that operators came up with this problem and decided it needs solving, with no user complaints like "I was fooled by this fake From, can't you do something about that?" on which to base that. Hasn't M3AAWG at least had something other than anecdata that this is a true source of pain? DMARC is a triumph of infrastructure operator demands over end-user > experience. it's created a markedly Procrustean email identification > environment. > > The standards and the practice, for 45 years, have permitted certain > freedoms in the From: field and DMARC eliminated them. > > It's easy to be cavalier about this, since some operators run highly > controlled environments and have no incentives for paying attention to > those who have used those freedoms legitimately, for 45 years. > No reply here, just felt like citing this again. -MSK
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
