On 7/18/2020 9:23 PM, Murray S. Kucherawy wrote:
On Sat, Jul 18, 2020 at 6:32 PM Dave Crocker <dcroc...@gmail.com
<mailto:dcroc...@gmail.com>> wrote:
If end users do not reliably make trust decisions based on /any/
of the
information in the rfc5322.From field, then how is this question
important. It seems to be seeking precise data about something that
isn't even secondary.
Google strikes me as the kind of place that would make a decision
about what to show users based on
Perhaps, but since we don't have their data and we don't have their
decision-criteria -- which might be quite different from what is needed
here -- then it's probably a good idea not to make assumptions about the
utility, nor to put all of the human factors marbles in the google camp.
I'm less convinced by the notion that all of the RFC5322.From is
disregarded by the preponderance of users when deciding what level of
trust to put in the message's content. That suggests we blindly open
and read absolutely everything, and I suspect that isn't the case.
1. That's not what it suggests, at all
2. No doubt there is a better way to put this, but I'm not thinking of
it, and this isn't just my second thought on the challenge, but quite a
bit more than that: This demonstrates why the IETF is a very poor venue
for conducting human factors discussions.
Again: There is quite a bit of experience demonstrating that providing
trust indicators to end users does not produce reliable -- ie, useful --
decision-making by end users.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
