On Fri, Mar 24, 2023 at 12:02 PM Hector Santos <hsantos= 40isdg....@dmarc.ietf.org> wrote:
> +1. > > ARC is not a solution, but it is a good part of the problem. It’s not hard > to see how our fall back to defocusing, the de-emphasis of the DKIM Policy > Model in lieu of Reputation Modeling creating this issue. > ARC compounds the reputation problem because it requires additional reputation computation as well. However, it does provide a means to more precisely describe the forwarding path which is something that DKIM was meant to support but arguably too broadly wrt DKIM replay. We can use that described path to detect replay deterministically (alluded to in the Problem Statement doc in the "basic solution space"). > > Every issue we have today is nearly 100% because of the lob-sided efforts > to impose a DKIM Reputation Model on receivers when it was predicted during > MARID and into early DKIM that if we do this, we will have issues related > to the "Batteries Required" Syndrome. > > - No standard Reputation Protocol > - No single repository of GOOD vs BAD domains > - To be somewhat effective, Batteries Requires (paid 3rd party service) > - Exploiters attacking those without Batteries. > > This is why the original DKIM Charter tried really hard to focus on > Deterministic Protocols rather than Heuristic Protocols based on the Author > Domain. The original DKIM Charter considered “Reputation Modeling” out of > scope. > > Now it is in scope and we are dealing with issues that can not be solved — > not without addressing the DKIM Policy Model for 1st and 3rd party signers. > > If the group effort is to be able to write a PS for DKIM + Reputation > Modeling, we should highly note it was all perpetuated by our defocus of > DKIM Policy Modeling and the lack of will to fix DMARC. > I agree with the split between deterministic protocol vs reputation systems. I think there's space to make progress on the deterministic protocol side by authenticating forwarded email more accurately. While I suspect this is well out of scope for this WG, FWIW I do agree there ought to be work done on the reputation side too. Yes there are a lot of heuristics there that will resist standardization, but perhaps there's room to make improvements for initialization. -Wei > > > — > HLS > > On Mar 24, 2023, at 1:42 PM, Michael Thomas <m...@mtcc.com> wrote: > > > On 3/24/23 10:22 AM, Murray S. Kucherawy wrote: > > > > Fine with me, it's far from a showstopper overall. I just made the > suggestion. > > This wg should be concerned with DKIM problems, not other wg problems and > especially for experimental rfc's of dubious value and complete mysteries > as to what they have to do with their actual charter. > > Mike > _______________________________________________ > Ietf-dkim mailing list > Ietf-dkim@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-dkim > > > _______________________________________________ > Ietf-dkim mailing list > Ietf-dkim@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-dkim >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
