On 03/16/2006 00:35, Dave Crocker wrote: > > This database that you insist is necessary for DKIM to be useful is > > pretty well by definition a reputation system. So, if as you say a DKIM > > signature has no value without a reputation system of some limited kind > > and reputation is out of bounds, I guess I don't understand what you > > think we are doing here? > > creating an infrastructure. > Unless one is in the business of selling infrastructure I don't know that it has any vlaue in it's own right.
> (well, dkim also creates a bit of accountability, by my own view is that it > does not mean much without an assessment component, too. but as John > Levine noted, it can be a small, internal table of well-known > correspondents.) > OK, so absent a reputation system it creates a bit of accountability then? > if you think dkim has larger value, on its own, please explain. > In the long run, I don't know. In the short run, as I've said before, I think the primary value is in highly phished domains using a restrictive SSP. That gives me leverage to reject 'bad' messages. We've discussed this before, so there's no need for yet another round of pointless fingerpointing on the value of SSP. I was just curious since you seemed to have a very limited view of the value of DKIM without reputation. BTW, I'm about to drop off line for a while, so don't read anything into lack of responses for a bit. If it's still relevant when I get back, I'll reply then. Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html