It appears that Scott Kitterman <skl...@kitterman.com> said: >>* Is there consensus on moving ahead with the idea of a way to indicate >>which authentication method(s) the Domain Owner wants Receivers to use? If >>so, it doesn't seem to be in the document yet. > >I haven't seen any valid case for it yet. It adds complexity to little or no >benefit.
Normally I am in favor of keeping stuff simple, but I think in this case the argument for "DKIM only" is quite strong. People whose opinion I trust tell me that so many SPF records include so many large clouds that in practice an SPF pass no longer tells you anything useful. There's the counterargument "so don't publish SPF" but it's on so many checklists that even though that would be a fine idea, it's not practical. >>* Given some of the stuff we're hearing in the wings about the utility of >>ARC, do we want to talk about it in -bis at all? >ARC solves nothing on its own. ARC plus a list of senders I trust not to lie >to me is quite useful. I don't >think it can be raised to a more formal part of DMARC since its utility if >entirely dependent on >non-standardized (and almost certainly non-standardizable) special sauce. Agreed. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
