I am aware nobody is using ATSP. I have not seen an assessment of why nobody. The current implementation seems competitive with DKIM, which is my explanation for it's failure.
Extending ATSP for user-to-domain, would address new functionality which addresses the large unsolved problem in our charter. Evading the problem by telling people not to use DMARC is not a solution. Admitting failure is an option, and I have been close to that on several occasions. But as of today, I think failure is unnecessary. I think the data hiding problem can be solved. I also like Ale's recipient authentication approach. The two approaches can be used in parallel. DF On Sat, Apr 22, 2023, 12:58 PM John Levine <jo...@taugh.com> wrote: > It appears that Jesse Thompson <z...@fastmail.com> said: > >-=-=-=-=-=- > > > >A DNS-based lookup, perhaps in the style of ATSP as this thread is > describing, to query for not just domain-level authorization, but also > potentially user-level authorization, I think is > >compelling because it can: > > Once again, no. This is not mission creep, it is mission gallop. > > Nobody uses ATSP, nobody is going to use ATSP, this is just yet more > distraction and wheel spinning that is keeping us from finishing. > > R's, > John > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
