On Wed, Apr 16, 2025 at 10:38 AM Larry M. Smith <[email protected]> wrote:
> Experience has shown that threat actors are willing to go to great > lengths to have access to a large pool of resources to abuse and then > rapidly discard.[1] Knowing what object to apply poor reputation to for > the last event often doesn't help for future ones. Additionally, I do > not expect that end users to be able to identify the problems > themselves, not trust that they would be able to identify it before harm > has been done. > I've always considered negative reputation to be of very limited value because it is trivially shed by moving to a new domain or IP address. With IPv6, the namespace got way bigger. Positive reputation is the real value here, because once you have it and are getting preferential treatment, you'll work to keep it. On the other hand, that also turns you into an attractive replay vector. Can't win. -MSK
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
