----- Original Message ----- From: "Douglas Otis" <[EMAIL PROTECTED]> To: "Hector Santos" <[EMAIL PROTECTED]> Cc: <ietf-dkim@mipassoc.org> Sent: Wednesday, November 02, 2005 1:19 PM Subject: Re: [ietf-dkim] SSP acceptance chart
> It is interesting that an invalid signature is offered greater access > than no signature. The invalid signature is even granted greater > acceptance than a valid third-party signature. Where there is no > policy, a third-party signature is given reduced acceptance to that > of no signature? This seems force the use of SSP and completely > ignore the reputation of the signing-domain, does it not? Doug, you are mixing ABSTRACT concepts and SWAGS with concrete compliancy and consistent concepts. You need to get that straight first. I am thinking AUTOMATION based on language and syntax. I'm trying to remove FUZZY LOGIC. REPUTATION is an subjective abstract and learned concept. We will continue to have this philosophical Administrator vs. Developer conflicts because in my opinion, the #1 problem with email security begins with the lack of compliancy and consistency "expectation" in the transaction process. That is what got us here in the first place. That is the problems we face with our software. That is the support issues we face in trying to satisfy customers. That is by-far the problem we all see. You come from an angle with a SOLUTION to a PROBLEM. I come from a angle where we first try to reduce the PROBLEM. Its a akin to have a leak in your pipes. You might want to try to inject some clogging agent, I will try to check my values and washers first. Once we work out the straight forward technical logic, then you work in reputation ideas. If you insist that REPUTATION comes before DKIM analysis, then we are back to square one with the proverbial "chicken and egg" 821 vs. 822 design decisions. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ ietf-dkim mailing list http://dkim.org
