Ian Eiloart wrote:
>> -1
>>
>> It is extremely relevant.
>
>
> The data is there. The numbers can be calculated from the sample size
> (~500k) and the proportions. They're nowhere near the numbers
> ("Originator signatures: 1.2 billion Third-party signatures: 184
> million") that you quoted in another email, which also don't match the
> proportions that you quoted. Where did 1.2 billion come from?
Sounds like revision v02 is already having its intended effect.
Ian, see the previous revision v01 section 4.2
http://tools.ietf.org/html/draft-ietf-dkim-implementation-report-01#section-4.2
In fact, what was left in rev 02 was Murry's 78.9% for the OpenDKIM
observation of 1st vs 3rd. What was removed was the AOL data point. I
stated it as 86% here:
http://mipassoc.org/pipermail/ietf-dkim/2010q3/014556.html
> "Third party" is somewhat of a leap from "the domains don't match".
Third party per RFC 5016 is well defined.
> For example, if the from header is in the domain "example.com" and we see
> "d=foo.example.com", is that really a third party signature? Perhaps
> some clarity of whether subdomains were permitted to match would be
> useful.*
It doesn't matter. The Observed data is what counts. Per RFC 5016
definitions, this is what we got X for that, Y for this.
> Oh, and are you thinking this is about implementation of ADSP?
As an engineer I look at data, look for patterns, see how they
correlate to logical protocols and even justify experiments and
problem solving.
To me, the data points show there is a strong 1st party stream of
mail. POLICY would be important here. But that is not what the
report is about.
For example, if the report showed the opposite, over 70% of the mail
stream was 3rd party (5322.From != DKIM.d per RFC 5016), rest assured,
we would be hearing how much POLICY or ADSP is insignificant and
should be deprecated - and I would AGREE.
The reality is the overwhelming 1st party mail continues to justify a
need for policy. But that is my interpretation, not what the report
is about.
> I think
> it's supposed to be about implementation of DKIM, so that DKIM can be
> progressed. Please don't let a misunderstanding hold that process up.
Its not an mis-understanding. There is nothing holding back DKIM but
this constant interference with the reality. Embrace and see how
things change. What the factoid removal does is goes against chartered
itemize goals of #2, #3 and #4.
> * It would be interesting to know what proportions of author addresses
> were subdomains of the d= value, and vice-versa. Even to know if the
> domains share common whois registrations (like foo.example.com and
> bar.example.com) would be nice, though harder to do. Having said all
> that, I have my own log files that I could analyze, so I'll shut up.
Your, all data would be welcomed too.
Soon I will have accumulated data as well. Currently working out how
to present them in our web-view of the statistics. IOW, adding
DKIM/POLICY related columns to these statistics:
http://www.winserver.com/public/spamstats.wct
--
HLS
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
