On 09/14/2010 08:13 AM, John R. Levine wrote:
I agree with Mike's assessment.
I remain unable to reconcile this is very important and throw it away
applied to the same message.
The problem here is that you shouldn't be mixing up human values of importance
or not, with the mechanical policy
On 09/13/2010 08:59 AM, Ian Eiloart wrote:
--On 13 September 2010 11:38:39 -0400 John R. Levinejo...@iecc.com
wrote:
--On 13 September 2010 10:19:05 -0400 MH Michael Hammer (5304)
mham...@ag.com wrote:
I agree that if a signing domain publishes discardable then the MLM
should discard
On 09/13/2010 11:58 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Michael Thomas
Sent: Monday, September 13, 2010 10:22 AM
To: Ian Eiloart
Cc: DKIM
Subject: Re: [ietf-dkim] draft-ietf-dkim
On 09/09/2010 11:12 AM, McDowell, Brett wrote:
On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote:
The whole point of rotating keys is so that loss of an old private key
isn't a risk. Given that, I think that even if you're fairly sure that a key
pair hasn't been compromised then you should
On 09/09/2010 09:57 AM, Mark Martinec wrote:
Mark Delany wrote:
I believe the general thrust is that DKIM keys are ephemeral
so no one should rely on there long-term presence. [...]
With each key there is an associated selector:domain pair,
so with a key rotation comes the change of a
I'll cheerfully give up references to S/MIME, if other people will
give up on telling software developers how to rewrite MLMs to do
things they've never done before.
Frankly, the best possible advice we can give is to tell people to
sign all their mail, set ADSP to discardable and let mailing
On 09/01/2010 02:49 PM, Murray S. Kucherawy wrote:
If your goal is to have MLM developers rewrite their perfectly working
code to work around the fundamental flaws in ADSP - a protocol nobody
other than bulk mailers is interested in, and which in any even
marginally sane deployment would never
On 08/30/2010 11:03 AM, Murray S. Kucherawy wrote:
I’d like some help tackling the next version of the MLM draft. People
seem to have varying ideas about what should be removed and perhaps
appear in other documents now. I need some consensus on a direction in
which to proceed.
So can I
John R. Levine wrote:
I'm sorry, this gets the history wrong. We had a lot of arguments about
this when we were doing 4871, and I believe you will find that we added
l= over substantial opposition under the theory that it would compensate
for a significant fraction of MLM modifications. I
John R. Levine wrote:
Yes, I am a nitwit, but you knew that. This time I'll tell
Alpine to sign it with S/MIME.
John,
For your reposted message with Alphine, I am still not seeing any
S/MIME based certified mail indicator in Thunderbird 2.0.
T'bird for some reason doesn't see
On 08/19/2010 10:23 AM, Stephen Farrell wrote:
On 19/08/10 18:06, Michael Thomas wrote:
On 08/19/2010 09:20 AM, John Levine wrote:
Be sure to tell them that ADSP is not useful, according to one of the
authors of the ADSP RFC.
Chairs --
Can I ask for a revision of ADSP where John
On 08/19/2010 10:29 AM, J.D. Falk wrote:
On Aug 18, 2010, at 6:59 PM, Daniel Black wrote:
* BUT otherwise its useless in its current state.
Useless for which purpose? From the rest of the message it sounds like
you're primarily thinking about discussion-type mailing lists, which -- while
On 08/17/2010 04:08 AM, Ian Eiloart wrote:
--On 10 August 2010 06:59:42 +0100 Graham Murraygra...@gmurray.org.uk
wrote:
Dave CROCKERd...@dcrocker.net writes:
DKIM and ADSP evaluation are not performed during an SMTP session,
unless the session is delayed after the crlf.crlf, and that's
On 08/09/2010 11:41 AM, John R. Levine wrote:
My point is simple: everyone handles mail from lists using the identity of
the list, not the identity of the contributor.
Another vivid illustration of the fallacy of the excluded middle.
Mike
___
NOTE
On 08/09/2010 10:45 AM, John Levine wrote:
In article548b10a3a5fcf3025a4b5...@lewes.staff.uscs.susx.ac.uk you write:
However, if there's a need to trust the original sender, and you don't
quite trust the list to get that right for you, ...
It appears that we can discard this concern as
On 08/09/2010 01:48 PM, John R. Levine wrote:
I'm not trying to pick on you, but I would like to understand if there is
any non-hypothetical spam or delivery management of list mail[...]
Again, the excluded middle that spam/etc pays any attention at all whether
something is list mail, whatever
On 08/04/2010 10:07 AM, Dave CROCKER wrote:
What is the security model that makes this expectation of preservation
important
and reasonable, given that it is so easily and whimsically violated by a
common
recipient-selectable setting?
The original 822 From: address is not preserved in a
On 08/03/2010 03:03 AM, Rolf E. Sonneveld wrote:
With this situation in mind, I wrote my proposal, to provide the
verifier on the receiving side with a means to verify the original DKIM
signature.
Rolf,
When we wrote our dkim implementation, we did a bunch of work within the
existing DKIM
On 08/03/2010 09:15 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Michael Thomas
Sent: Tuesday, August 03, 2010 7:59 AM
To: Rolf E. Sonneveld
Cc: ietf-dkim@mipassoc.org
Subject: Re: [ietf
On 08/03/2010 09:40 AM, Murray S. Kucherawy wrote:
-Original Message-
From: Michael Thomas [mailto:m...@mtcc.com]
Sent: Tuesday, August 03, 2010 9:21 AM
To: Murray S. Kucherawy
Cc: Rolf E. Sonneveld; ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] MLMs and the use of multipart
On 08/03/2010 10:34 AM, Rolf E. Sonneveld wrote:
quote
Changes that merely add new header fields, such as those specified by
[LIST-ID], [LIST-URLS] and [MAIL] are generally the most friendly to
a DKIM-participating email infrastructure in that their addition by
an MLM will not affect any
On 08/01/2010 03:22 PM, Murray S. Kucherawy wrote:
Some offlist feedback I wanted to bounce to the list to gauge consensus:
a) Section 5.1 currently advocates a warning to new subscribers to an
MLM with a highly restrictive ADSP policy. Should this be stronger, such
as “a warning is advised,
On 07/29/2010 11:53 AM, J.D. Falk wrote:
On Jul 29, 2010, at 5:09 PM, Ian Eiloart wrote:
--On 26 July 2010 18:24:34 +0200 J.D. Falkjdfalk-li...@cybernothing.org
wrote:
I think it's because, when you implement most protocols, if your end is
broken then you can't even talk to the other end.
As we all know, admins can and do screw up anything, but with most
mistakes, the damage directly affects them. If you screw up your MX,
your own incoming mail won't work. If you screw up your ADSP, your
mail will work fine, while other people's mail systems will
mysteriously lose mail.
On 07/26/2010 09:24 AM, J.D. Falk wrote:
On Jul 25, 2010, at 11:36 AM, Murray S. Kucherawy wrote:
I've engaged some of you off-list trying to understand why ADSP is
fundamentally different than the private agreements known to exist between
PayPal and some large email service providers. I
On 06/25/2010 08:44 AM, John R. Levine wrote:
Help me out here John, where exactly is that silently drop section? I
see the discarding part but the drop silently part seems to be a bit
silent.
Sheesh, Mike. Discard is an ordinary English word which I used in its
ordinary English sense.
I
On 06/24/2010 07:49 AM, John Levine wrote:
Are you making the assumption that all third party lists would be equally
credible? That's no more likely than all DNSBLs being equally credible.
In both cases, the good ones will make sure their data is correct,
maybe by backchannels to the
On 06/24/2010 08:45 AM, Martijn Grooten wrote:
So why does a domain that performs that painful audit and
remediation need to then tell John's drop list that it's OK to
drop unsigned mail? It doesn't. It can just publish an ADSP
record and be done with it. No need to count on some unreliable,
On 06/24/2010 09:36 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Steve Atkins
Sent: Thursday, June 24, 2010 8:43 AM
To: DKIM List
Subject: Re: [ietf-dkim] New Version Notification for
On 06/24/2010 09:28 AM, J.D. Falk wrote:
On Jun 24, 2010, at 9:21 AM, Michael Thomas wrote:
Any service that doesn't have an *explicit* guarantee from the mail
domain itself that it signs all mail is worse than incompetent,
it's harmful. A third party can *never* prove the negative
On 06/24/2010 10:10 AM, Mark Delany wrote:
Conceivably at risk domains would first submit themselves to such a
service and ask it to discover and publish (and/or feedback) counter
examples.
Since all you need is one counter example, getting 20 or 30 large,
trusted mail providers to
On 06/22/2010 09:46 AM, J.D. Falk wrote:
On Jun 21, 2010, at 1:00 PM, John R. Levine wrote:
As threatened, here's an I-D that says how one would publish a list of
domains for which it makes sense to discard unsigned mail.
Looks like a good start, and almost shockingly simple. Any MTA/MFA
On 06/22/2010 11:07 AM, J.D. Falk wrote:
On Jun 22, 2010, at 11:28 AM, Michael Thomas wrote:
On 06/22/2010 09:46 AM, J.D. Falk wrote:
On Jun 21, 2010, at 1:00 PM, John R. Levine wrote:
As threatened, here's an I-D that says how one would publish a list of
domains for which it makes sense
J.D. Falk wrote:
On Jun 14, 2010, at 8:07 AM, John R. Levine wrote:
The sooner we stop wasting time trying to fix ADSP and start getting
shared drop lists, the sooner there's some hope of using DKIM to keep
simple forgeries out of peoples' inboxes.
I'm aware of a handful of beta-ish
That's an example of the reason that I don't find ADSP
useful (as opposed to manually vetted discard lists.) There's no way to
tell whether the party publishing discardable understands what they're
saying.
I'm sure that some people would like to put:
theirdomain.com.3600
On 06/02/2010 11:41 AM, Steve Atkins wrote:
Fourth, as I mentioned above, even if all you said was valid, registering
thousands of domains in order to make ADSP sort-of work against phishing
isn't something that scales, either in terms of domain name system nor the
expense. If ADSP requires
On 06/02/2010 02:11 PM, John R. Levine wrote:
The basic problem with ADSP is that we shipped an untested prototype, and
at this point the only way to test it is to try experiments and hope they
don't do too much damage before we have a chance to tweak and mitigate the
problems. I appreciate
On 06/02/2010 03:47 PM, Douglas Otis wrote:
On 6/2/10 2:43 PM, Michael Thomas wrote:
Instead of kvetching about ADSP, you might tell the list owners that their
list software heuristics are broken.
Mailing lists are on higher ground, since they are not introducing the
new mechanism.
When we
On 06/02/2010 04:25 PM, Steve Atkins wrote:
On Jun 2, 2010, at 4:10 PM, Michael Thomas wrote:
On 06/02/2010 03:47 PM, Douglas Otis wrote:
On 6/2/10 2:43 PM, Michael Thomas wrote:
Instead of kvetching about ADSP, you might tell the list owners that their
list software heuristics are broken
Instead of kvetching about ADSP, you might tell the list owners that
their list software heuristics are broken.
Oh, OK, that shouldn't be hard.
Actually, I doubt it will be hard. The casualties of ADSP causing
third party kicks causes the blame to laid where it deserves: the
list software. I
On 06/01/2010 12:59 AM, Murray S. Kucherawy wrote:
I've seen spam posted to mailing lists. Recently, I've seen lists
targetted
in more intelligent ways by spammers. For example, by using sender
addresses in the domain of the list (quite a useful way of attacking
academic lists, which tend to
On 06/01/2010 11:43 AM, John Levine wrote:
I have to say that I share much of Dave's bafflement. And as a minor
list developer, I don't recognize any MLM I know in many of the
assertions below.
I was more highlighting there was an active choice in a MLM development to
remove DKIM headers
Since these are all rhetorical questions, let's cut to the chase:
do you believe John, who never believed in ADSP and has repeatedly said
that he hope it fails, and who has a microscopic amount of deployment
experience if any at all. Or do we believe Brett/paypal that ADSP is
providing benefit
On 05/27/2010 03:21 AM, Roland Turner wrote:
On 26/05/2010 22:48, Steve Atkins wrote:
However, domain B is not an innocent bystander, as they intentionally
configured their mail system to reject mail it shouldn't, and the
recipients at domain B support that decision, on some level.
Domains
On 05/27/2010 07:05 AM, Barry Leiba wrote:
do you believe John, who never believed in ADSP and has repeatedly said
that he hope it fails, and who has a microscopic amount of deployment
experience if any at all. Or do we believe Brett/paypal that ADSP is
providing benefit *today* in the form of
On 05/27/2010 07:35 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Michael Thomas
Sent: Thursday, May 27, 2010 6:22 AM
To: Roland Turner
Cc: DKIM List
Subject: [ietf-dkim] bad mail blowback
On 05/27/2010 09:14 PM, John Levine wrote:
So I understand your line of reasoning. But today, I believe ADSP can
provide a benefit. Brett has data that supports that.
Once again, we have a pernicious confusion between manually maintained
drop lists and ADSP.
Brett has data that supports the
On 05/26/2010 07:48 AM, Steve Atkins wrote:
Perhaps I missed something, but if domain B is rejecting email from the
list Authored by A, then won't that cause a list member at domain B to be
removed from the list as well? I think that is what John meant by innocent
bystander. Most MLM remove
On 05/26/2010 08:17 AM, Steve Atkins wrote:
On May 26, 2010, at 8:09 AM, Michael Thomas wrote:
On 05/26/2010 07:48 AM, Steve Atkins wrote:
Perhaps I missed something, but if domain B is rejecting email from the
list Authored by A, then won't that cause a list member at domain B
On 05/26/2010 08:55 AM, John Levine wrote:
Problem = phishing
Utility = just one sender + two mailbox providers have blocked over
100 million phishing attacks, many of those blocks also resulted in
site take-downs.
The value of what we already have from your efforts in IETF is HUGE
for
On 05/26/2010 09:58 AM, Steve Atkins wrote:
On May 26, 2010, at 9:14 AM, Brett McDowell wrote:
I respectfully disagree with you.
We *were* a special case. Soon we will not be a special case because ADSP
will enable all mailbox providers, if they choose, to do for others what
they have
On 05/26/2010 10:42 AM, Steve Atkins wrote:
On May 26, 2010, at 10:13 AM, Steve Atkins wrote:
On May 26, 2010, at 10:11 AM, Michael Thomas wrote:
On 05/26/2010 09:58 AM, Steve Atkins wrote:
On May 26, 2010, at 9:14 AM, Brett McDowell wrote:
I respectfully disagree with you.
We *were
On 05/26/2010 11:30 AM, Steve Atkins wrote:
Michael claims off-list that he has no idea what I'm speaking of.
I said huh? too.
Perhaps I'm missing something. I'm working with the mental model
that the underlying problem ADSP advocates would like to address
is phishing or brand protection,
Roland Turner wrote:
Surely the stance of a dkim=discardable sender is that it is absolutely
OK to discard affected messages if there is any reason at all for doubt
and that, therefore, non-participant MLMs aren't, actually, breaking
anything.
There's some risk that what a list thinks
This is doubly
true since the ADSP RFC rather specifically says that you shouldn't
mark a domain discardable if its users send mail to lists.
Only if you care about the mail being delivered. I think that if we do this
BCP, we should give some advice about what, say, a company like, oh say,
On 05/19/2010 02:21 PM, J.D. Falk wrote:
On May 19, 2010, at 7:53 AM, MH Michael Hammer (5304) wrote:
+1. The current discussion was supposed to be about BCP. I agree with
Stephen with the caveat that if the group thinks re-opening ADSP
discussion is important then include it in the
On 05/19/2010 02:35 PM, J.D. Falk wrote:
On May 19, 2010, at 3:29 PM, Michael Thomas wrote:
On 05/19/2010 02:21 PM, J.D. Falk wrote:
On May 19, 2010, at 7:53 AM, MH Michael Hammer (5304) wrote:
+1. The current discussion was supposed to be about BCP. I agree with
Stephen with the caveat
On 05/06/2010 09:32 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Michael Ströder
Sent: Thursday, May 06, 2010 4:51 AM
To: ietf-dkim@mipassoc.org
Subject: [ietf-dkim] Clarification needed
While I personally find F2F usage sort of creepy, from the receiver's
standpoint it looks
for all intents and purposes like a mailing list, which for all intents and
purposes looks
like an unsigned piece of mail purporting to be from my domain. Intent seems to
have very
little to do with
On 04/30/2010 07:05 AM, McDowell, Brett wrote:
In that scenario, if the MLM re-signing solution has been deployed by Y, and
DKIM+ADSP has been deployed by X Z, and Z has chosen to take action on X's
ADSP policies... the only thing Z is trusting Y to do is validate incoming
DKIM
On 04/30/2010 07:38 AM, McDowell, Brett wrote:
On Apr 30, 2010, at 10:23 AM, Michael Thomas wrote:
On 04/30/2010 07:05 AM, McDowell, Brett wrote:
In that scenario, if the MLM re-signing solution has been deployed by Y,
and DKIM+ADSP has been deployed by X Z, and Z has chosen to take
On 04/30/2010 08:32 AM, Jeff Macdonald wrote:
Perhaps poorly chosen words. But I think most understood the intent.
I'm willing to go from a world where any system can use my From to one
where only the systems I say can. And that means changes.
Really? The sender has to opt in? That sounds like
Is there anything out there that's not in the mistake or bogus category that
would foil paypal's discardable adsp setting? Preferably that has the
characteristic
that it's out of their control.
Mike
___
NOTE WELL: This list operates according to
On 04/30/2010 09:37 AM, Jeff Macdonald wrote:
On Fri, Apr 30, 2010 at 11:57 AM, Michael Thomasm...@mtcc.com wrote:
Is there anything out there that's not in the mistake or bogus category that
would foil paypal's discardable adsp setting? Preferably that has the
characteristic
that it's out
On 04/29/2010 10:23 AM, Al Iverson wrote:
On Thu, Apr 29, 2010 at 11:58 AM, McDowell, Brettbmcdow...@paypal.com
wrote:
On Apr 28, 2010, at 2:11 PM, John R. Levine wrote:
Your proposal that MLM remove Signatures would cause restrictive
policies to fail.
Which is why I oppose this
On 04/29/2010 10:47 AM, Al Iverson wrote:
On Thu, Apr 29, 2010 at 12:34 PM, Michael Thomasm...@mtcc.com wrote:
On 04/29/2010 10:23 AM, Al Iverson wrote:
On Thu, Apr 29, 2010 at 11:58 AM, McDowell, Brettbmcdow...@paypal.com
wrote:
On Apr 28, 2010, at 2:11 PM, John R. Levine wrote:
Your
On 04/29/2010 10:42 AM, Powers, Jot wrote:
On 4/29/10 10:34 AM, Michael Thomasm...@mtcc.com scribbled:
On 04/29/2010 10:23 AM, Al Iverson wrote:
As John Levine mentioned previously, your own posts to this list fail
authentication and end up in many of our spam folders because of
Paypal's SPF
On 04/29/2010 11:17 AM, Powers, Jot wrote:
On 4/29/10 11:12 AM, Michael Thomasm...@mtcc.com scribbled:
With respect to DKIM, anybody who filters based on broken signatures without
any (or little) other input pretty much deserves the false positive rate
they're complaining about.
Ok. I
On 04/29/2010 11:39 AM, Powers, Jot wrote:
What I'd advise is something like put all of your transactional mail
in a subdomain and set it to discardable, but don't do that to all
your corpro users. There are other ways to go about this, but I'd say
that you're playing with fire lumping all
On 04/29/2010 01:12 PM, SM wrote:
At 11:12 29-04-10, Michael Thomas wrote:
With respect to DKIM, anybody who filters based on broken signatures without
any (or little) other input pretty much deserves the false positive
rate they're
complaining about.
This mailing list removes the DKIM
On 04/27/2010 08:06 AM, John Levine wrote:
Another real question, equally important: who is actually writing this BCP?
Is it something that would make sense to add to the Development,
Deployment and Operations document?
It would probably be better to keep it separate, since it's likely to
MH Michael Hammer (5304) wrote:
I think we are having the wrong discussion. The real question is:
What are appropriate practices for mailing lists in handling DKIM
signed mail?
By focusing on John and his single example we are looking at a tree and
not the forest. This may not be the best
[grr, my ntpd keeps blowing off... sorry if this is a repost]
Dave CROCKER wrote:
On 4/22/2010 9:34 PM, John Levine wrote:
For anyone who's working on the list management BCP:
I sign all my outgoing mail, and I have a feedback loop set up with
Yahoo, which being very modern and advanced
Dave CROCKER wrote:
On 4/22/2010 9:34 PM, John Levine wrote:
For anyone who's working on the list management BCP:
I sign all my outgoing mail, and I have a feedback loop set up with
Yahoo, which being very modern and advanced keys on signatures, not IP
addresses. A few days ago I sent
John Levine wrote:
John, can you simply clarify the rules/logic of your FBL with Yahoo!?
That will clarify this scenario considerably.
It's just like the IP based FBLs that other mail systems have, only
keyed on DK or DKIM d= signing domains rather than IP addresses. I
tell them what
MH Michael Hammer (5304) wrote:
But are you (people we can have a reasonable expectation that we can
somewhat trust to act responsibly) the rule or are you the exception?
I think I tend to agree with Steve. Notify all parties that assert
responsibility. That would include the author
Al Iverson wrote:
On Fri, Apr 23, 2010 at 3:58 PM, John Levine jo...@iecc.com wrote:
But John made a private arrangement with Yahoo that if there was a
complaint about a mail and he DKIM signed it then Yahoo should send the
complaint to him as part of it's FBL offering. They did exactly what
Barry Leiba wrote:
is no because IDNs themselves don't really work today, as a practical
matter, in the context of email. What is clear is that folks from DKIM
need to track and perhaps influence EAI.
Does this, then, turn into another item on the new charter?
Work with the EAI
I'm sort of dubious about this. Unless you're using z=, your chances of
figuring out why something broke are slim to none. With z=, your chances
of figuring it out are merely slim.
Mike, with far too much experience at that
On 02/24/2010 02:17 AM, Suresh Ramasubramanian wrote:
I support this.
On 02/24/2010 08:54 AM, Mark Delany wrote:
On Feb 24, 2010, at 5:51 AM, Michael Thomas wrote:
I'm sort of dubious about this. Unless you're using z=, your chances
of
figuring out why something broke are slim to none. With z=, your
chances
of figuring it out are merely slim.
Mike, with far
. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Michael Thomas
Sent: Wednesday, February 24, 2010 9:47 AM
To: Mark Delany
Cc: IETF DKIM WG
Subject: Re: [ietf-dkim] Broken signature analysis
But I guess this all
On 10/24/2009 11:40 PM, SM wrote:
At 20:19 24-10-2009, Scott Kitterman wrote:
Where I disagree is that we have a sufficient basis to declare it stable.
The interoperability issues have been addressed in the implementation
I use. There are still some quirks which are MTA related.
I think
On 10/23/2009 05:08 PM, Dave CROCKER wrote:
Jim Fenton wrote:
Good question. I wasn't proposing that we judge usefulness at all; I
was responding to suggestions from others that measuring usefulness be
included in the charter.
Well, I can certainly understand producing documents that
I haven't seen the various lists proposals but two things:
1) what to do with ADSP discard is a legitimate discussion for list software
2) what to do with ALL is NOT. A list that discards or otherwise rejects a
submission *solely* on ALL is BROKEN. Doubly so if the ALL message had
a
On 10/17/2009 08:36 PM, hector wrote:
This this mean, if I read you and thomas right, DKIM=ALL means 3rd
party signers are possible without valid 1st signatures?
Manifestly this is possible. All just says what the author's sender
does as a matter of policy/practice. It can't build an electric
On 10/15/2009 01:02 PM, J.D. Falk wrote:
Charles Lindsey wrote:
All of them are a proper subject of discussion, should this WG decide to
embark on such a BCP (and the misunderstandings repeatedly displayed here
seem to suggest that something of the sort is needed).
Agreed, except for one
On 10/14/2009 09:44 AM, Murray S. Kucherawy wrote:
-Original Message-
From: i...@sussex.ac.uk [mailto:i...@sussex.ac.uk]
Sent: Wednesday, October 14, 2009 4:53 AM
To: Murray S. Kucherawy; John R. Levine; Daniel Black
Cc: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] Is anyone using
On 10/12/2009 11:18 PM, Franck Martin wrote:
But all the current list servers are stupid because this are ignoring RFC
5617, because RFC 5617 did not exist at the time they were deployed.
You do not expect that the whole world will upgrade their list servers
because you say so?
So for
This is surreal. We have both Crocker and Levine claiming that the *published*
semantics of RFC5617 are either not what it says, or should be ignored because
they don't like it.
Jim is under no obligation to produce evidence for you; evidence which is
-- of course -- conveniently a negative which
On 10/11/2009 03:26 PM, Michael Deutschmann wrote:
On Sun, 11 Oct 2009, Michael Thomas wrote:
On 10/11/2009 02:41 AM, Michael Deutschmann wrote:
If this is indeed the official semantics of the protocol, then I would
petition to add a dkim=except-mlist policy. Which means I sign
everything
On 10/06/2009 10:30 AM, bill.ox...@cox.com wrote:
C) I can sell the ability to do 3rd party DKIM signing for those companies
who are described in A)
If you're getting paid for signing somebody else's traffic, doesn't
it make sense that the service can do some hand holding to get their
DNS set
On 10/06/2009 03:08 PM, Franck Martin wrote:
Practicalities, which explained the failure of PGP and S/MINE. Great
protocol, except they are unworkable for the common user, like most security
protocols coming out of IETF (and it is not me who is saying it but I heard
it in a variation from
Eliot Lear wrote:
Hi Murray,
On 10/1/09 10:27 PM, Murray S. Kucherawy wrote:
How can one forget that which was never true to begin with?
The working group and its antecedents, as far as I'm aware, have always been
pretty adamant about the fact that reducing spam has never been one of
On 08/03/2009 09:13 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Steve Atkins
Sent: Sunday, August 02, 2009 6:34 PM
To: DKIM WG
Subject: Re: [ietf-dkim] Escaping things in key/ADSP records
On 08/03/2009 11:01 AM, Mark Delany wrote:
On Aug 3, 2009, at 10:31 AM, Douglas Otis wrote:
On 8/2/09 1:06 AM, Mark Delany wrote:
On Aug 1, 2009, at 9:14 PM, Franck Martin wrote:
But is ICANN supposed to clean all these random valid domains?
You half-joke, but one of the arguments we
IIRC, we showed interoperability with all aspects of the spec. In
particular, both Murray's and
mine have had the ability to do everything, but Tony's, Arvil's, the
folks at Port 25 and most
of the other mature implementations all interoperated, where mature
was two years ago.
I imagine that
Murray S. Kucherawy wrote:
DKIM's purpose has been lost with the continued out of scope undefined
reputation modeling. A concern raised over and over again, Assessment |
Reputation - wink wink, same thing when it come to coding it. Word
smithing does not solve implementation issues.
I
Dave CROCKER wrote:
Steve Atkins wrote:
Given that the RHS of i= is either identical or a subdomain of d= it's
nonsensical
to consider i= more stable than d=, as i= must change if d= does.
In fact, other than the right-hand root of the i= string which must match the
d=
string,
Will somebody please tell the editor that this still violates our charter
since reputation is out of scope?
Thank you.
Mike
Dave CROCKER wrote:
Jim Fenton wrote:
I do have a problem with the last paragraph:
tFor signers and assessors that have been using the i= tag for
J.D. Falk wrote:
Very good point; thanks for discerning the difference. At its core, I
think, this is the all-too-common battle between the Platonic Ideal of Email
and the reality.
In this reality, intermediaries change messages. Sounds like a few folks on
this list don't want messages
101 - 200 of 798 matches
Mail list logo