(More from a review of the lists BCP chatter, with an eye toward a forthcoming document update...)
> -----Original Message----- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of Michael Thomas > Sent: Wednesday, May 26, 2010 2:23 PM > To: Scott Kitterman > Cc: DKIM List > Subject: Re: [ietf-dkim] ADSP, was Lists "BCP" draft available > > > Such transient trust can't be spoofable. It needs to have properties > such that if it asserts "trust me, it was signed by PayPal when I got > it, so you can ignore their discardable flag" it can't be used by > arbitrary senders to bypass PayPal's ADSP. > > > > I don't know of a way to do that which doesn't require a trust > relationship with the mail list provider. If you have such a > relationship then it's relatively trivial to just not bother with ADSP > checks for mail from such lists. > > > > I'm left not knowing what advantage there would be from a more > complex standardized approach. > > Right, and where I have problems is that I doubt that most admins have > any clue whatsoever > which lists their users subscribe to. Some certainly have policies > which may inform them > (= don't do it), but beyond that this sounds somewhere close to an > impossible task. I don't think it's too far-fetched to think that one or more of the following will eventually be true: 1) A signing domain, in this case a list provider, will develop a reputation that it does proper DKIM validation before re-signing, and thus that its A-R header fields can be trusted by receivers; 2) A signing domain will appear in a VBR-like service, with the voucher attesting to the fact that the signer does DKIM properly, and thus that it's a-R header fields can be trusted by receivers; 3) The need to have this kind of transient trust will be a sufficiently rare case that manual exception list maintenance scales just fine. -MSK _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html