John Levine wrote:
There'll surely be more of these 1:1 agreements, while we wait for SSP
to become useful. If we wait long enough, SSP won't even be necessary
for the big, high-value signers & verifiers.
Agreed. It's much better to define a protocol to do this now so the process
scales and is not just available to large commercial senders.
But the key step in setting up the 1:1 agreements is for the receiver
to identify a sender which is enough of a forgery target to be worth
special treatment.
How does an SSP-like protocol do that? Assertions like "I am a phish
target" don't do it.
Why not?
-Jim
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
