On Tue, May 12, 2020 at 9:30 AM Alessandro Vesely <ves...@tana.it> wrote:
> On Tue 12/May/2020 17:48:38 +0200 Murray S. Kucherawy wrote: > > On Tue, May 12, 2020 at 1:20 AM Alessandro Vesely <ves...@tana.it> > wrote: > >> On Mon 11/May/2020 20:23:12 +0200 Murray S. Kucherawy wrote: > >>> Indeed; why would I believe what any given domain claims in this tag? > >> > >> If you trust the domain, you can as well trust their tagging. > >> > > > > If you trust the domain, you don't need their tagging. > > Why not? I may trust gmail, say. Yet, in order to learn what restrictions > they apply to the From: I have to create an account and try. There is no > standard location where they declare their policy in a machine-readable > manner, > and policies written in legalese are even less readable... > What would you do with that information if you had it? Maybe you're using a different definition of "trust" than I am. To me, "I trust gmail.com" means "I believe mail signed by gmail.com is legitimate", irrespective of how they might handle their mail. Put another way: I believe I would only reach the opinion that I "trust" mail from a domain when I already know the thing(s) your tag(s) would tell me. -MSK
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim