On Sep 21, 2006, at 12:04 AM, Frank Ellermann wrote:
Douglas Otis wrote:
The process of validating an email-address is common place and
done by thousands of applications from mailing-list mangers, the
assignment of email-certificates, or granting access to web-sites.
NAK, that's far from common, from four mail providers I used to
know only one enforced submission rights (=> good reverse path,
arbitrary header), and another - putting it mildly - implemented
his own vision of 4409 8.1 (=> good reverse path with enforced
matching 2822-From), offering the more common "whatever you say"
for a small monthly fee (maybe to sponsor their abuse desk).
For any version of DKIM to realistically offer assurances of an email-
address, some form of account/email-address correspondence is
required. The version of the email-address policy suggested does not
required the assertion that the email-address is valid. However, an
ability to communicate when an email-address is valid, and have this
presented by a well-known and trusted domain will bring considerable
value to DKIM as a specialized service.
BTW, I'm looking for interested folks helping to fix RFC 4409 8.1,
and then push a derived 4409bis to STD (see rfc822 list).
I'll review that document and subscribe to the rfc822 list.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
