Dean Willis wrote:
> On Apr 4, 2008, at 6:53 PM, Dan Wing wrote:
>
>>> But more importantly, if you're thinking these things would
>>> truly have *legal* ramification, then my guess is no
>>> "good-guys" would touch signing with 4474 with a ten foot
>>> pole, ever. Do DKIM email signatures have such legal
>>> implications?
>>>
>> The closest analogy in DKIM would be someone that operated
>> a T.37/RFC2305 gateway (which converts fax to email), and
>> sends those resulting emails with their domain (example.com).
>>
>
> If you're an operator of a DKIM system, and somebody hacks your system
> and sends mail that's authoritatively from your domain, you can be
> held liable for the consequences of the email. So could somebody who
> doesn't run DKIM and is hacked. But bur position is actually weaker
> than someone who doesn't run DKIM, because you've made a stronger
> assurance of trust, effectively increasing your responsibility under
> implicit warranty.
>
Anything is possible I suppose but this strikes me as rather alarmist.
Lots of big domains are running DKIM these days including some big old
banks who are usually pretty cautious about such things and ISP's who
have pretty awful control over their user base. But we're not trying to
vouch
for the authorization to use a given localpart either.
I'm pretty sure that if anything about this subject hinges on the likelihood
or not of future litigation we are in deep do-do.
Mike
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip
