On Tue, 19 Oct 2010 16:23:39 +0100, John R. Levine <jo...@iecc.com> wrote:
>> good signature -> good message.
>>
>> Don't you mean
>>
>> Good signature -> authenticated message (that is, someone
>> accepts responsibility)
I think it needs to mean
Good signature -> authenticated message (that is, someone accepts
responsibility, where "someone" is identifiable at least to the extent of
being or not being the domain in whatever From: is shown).
>
> When I said good, I meant credible, not just one that mechanically
> validates. I hope that we all agree that a signature from a domain about
> which one knows nothing is not usefully different from no signature at
> all.
A reputation service can only say that a domain is
BAD
GOOD
or NO EVIDENCE AVAILABLE EITHER WAY.
I think the last case has to be treated pretty much like GOOD, otherwise
newcomers to the internet will never even get their messages accepted.
There might be some merit in a repuation service responding with
DOMAIN CREATED WITHIN THE LAST 15 MINUTES
although even that should have been "Domain first used within the last 15
minutes", except I cannot see how a reputation service coulr know that.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: ...@clerew.man.ac.uk snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
