On Monday 12 October 2009 15:16:36 John Levine wrote:
Short summary: DKIM and ADSP offer no meaningful defense against spoofing.
Shorter summary: The WG charter says there should be
* A few domains are spoof targets, but the vast majority are not.
The scope of what targets there are is
On Mon, 12 Oct 2009, hector wrote:
The key point that is being missed here is that doesn't matter if we
all agree to add 3rd party or mailing list support to an extended RFC
5617 policy protocol. If resigners are going to be exempt from any
mandate to support it, it will remain to be conflict
Michael Deutschmann:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything that leaves my bailiwick, but may post to signature-breaking
MLs.
Are you going to announce all your users mailing list
On Mon, 12 Oct 2009, Wietse Venema wrote:
Michael Deutschmann:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything that leaves my bailiwick, but may post to signature-breaking
MLs.
Are you
--On 12 October 2009 10:04:17 -0400 Wietse Venema wie...@porcupine.org
wrote:
Michael Deutschmann:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything that leaves my bailiwick, but may post to
On Sat, 10 Oct 2009 07:05:13 +0100, John Levine jo...@iecc.com wrote:
People who contribute to mailing lists shouldn't say dkim=all. ...
But the user within some large domain that wants to join some mailing list
has no control over what ADSP his sysadmins have set up - so it all gets
caught
On Mon, 12 Oct 2009, Ian Eiloart wrote:
It also seems to me that there must be a difference between dkim=all and
dkim=discard. Publishing discard should mean that there's no
My understanding is that the all/discard distinction is orthogonal to
the mailing list issue.
I think the motivation for
On 10/12/09 7:04 AM, Wietse Venema wrote:
Michael Deutschmann:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything that leaves my bailiwick, but may post to signature-breaking
MLs.
Are you going to
Ian Eiloart wrote:
--On 12 October 2009 10:04:17 -0400 Wietse Venema wie...@porcupine.org
wrote:
Michael Deutschmann:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything that leaves my
The only thing self-asserting POLICY can do with some benefit it to
help prove the negative assertion - failure detection.
Positive assertions prove nothing and more information is required.
Currently, although it is out of scope, the WG consensus and
specifications has leaned towards
hector wrote:
IMTO, before any automated concept can work well, the supportive DKIM
network must expect protocol consistency to be established among all
DKIM nodes.
Why are we arguing about it now, then? It'll be years until we reach that
point.
J.D. Falk wrote:
hector wrote:
IMTO, before any automated concept can work well, the supportive DKIM
network must expect protocol consistency to be established among all
DKIM nodes.
Why are we arguing about it now, then? It'll be years until we reach that
point.
+1, however.
Don't
The deployment guide section 6.5 writes:
Any forwarder that modifies messages in ways that will break
preexisting DKIM signatures SHOULD always sign its forwarded
messages.
However, there is no implication about forwarder signing restrictions
in section 6.5 which is possible in section
[ this is well trodden ground, so I will try and keep this short ]
Agreed, but the fact that it's a mailing list that is doing this
isn't significant. It could be any intermediary that is willing to
take responsibility for the message by signing it. Their reputation
now becomes a factor in the
[ this is also well trodden ground, so I will again try and keep this short ]
Short summary: DKIM and ADSP offer no meaningful defense against spoofing.
Shorter summary: The WG charter says there should be
Yes, there was considerable naive optimism in the charter.
We all agree that it would
John Levine wrote:
[ this is well trodden ground, so I will try and keep this short ]
Agreed, but the fact that it's a mailing list that is doing this
isn't significant. It could be any intermediary that is willing to
take responsibility for the message by signing it. Their reputation
John R. Levine wrote:
Shorter summary: The WG charter says there should be
Yes, there was considerable naive optimism in the charter.
We all agree that it would be great to have a scheme to spoof-proof mail.
But ADSP isn't it, for the reasons we've all gone over,
which were?
no
17 matches
Mail list logo