IETF Logo Mail Archive

Re: [ietf-dkim] The problem with sender policy

Damon <deepvoice@gmail.com> Mon, 07 August 2006 13:56 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GA5b7-0006bS-JL for ietf-dkim-archive@lists.ietf.org; Mon, 07 Aug 2006 09:56:49 -0400
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GA5b6-0004nW-5H for ietf-dkim-archive@lists.ietf.org; Mon, 07 Aug 2006 09:56:49 -0400
Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k77DuDwl021281; Mon, 7 Aug 2006 06:56:13 -0700
Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.238]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id k77Du7st021259 for <ietf-dkim@mipassoc.org>; Mon, 7 Aug 2006 06:56:07 -0700
Received: by wx-out-0506.google.com with SMTP id t10so55529wxc for <ietf-dkim@mipassoc.org>; Mon, 07 Aug 2006 06:55:40 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=TLOIlTDIQ77qTgAn+fLYil3QA7Ob5rqCrEWUmNa9pYam5YOrIItLyez/Duyq2kw2i5kb7f0qByWHJ7fihebX2QkaeERiPUIbIeBaZ9Cy12H7eaN4pu5Tv32Mf9M7Lx/OV/za7bBgFXF8NOwlL6pgri4MW1jMVqvidtwombHo7NQ=
Received: by 10.78.180.18 with SMTP id c18mr2406579huf; Mon, 07 Aug 2006 06:55:39 -0700 (PDT)
Received: by 10.78.149.6 with HTTP; Mon, 7 Aug 2006 06:55:39 -0700 (PDT)
Message-ID: <62146370608070655s3829b273p746dced7c9dc46d5@mail.gmail.com>
Date: Mon, 07 Aug 2006 09:55:39 -0400
From: Damon <deepvoice@gmail.com>
To: "william(at)elan.net" <william@elan.net>
Subject: Re: [ietf-dkim] The problem with sender policy
In-Reply-To: <Pine.LNX.4.62.0608051828490.11690@sokol.elan.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <BB621D48443A854A89D86528F915864C0215F77B@CATL0MS02.corp.cox.com> <20060805212005.D17637@simone.iecc.com> <Pine.LNX.4.62.0608051828490.11690@sokol.elan.net>
X-Songbird: Clean, Clean
Cc: Bill.Oxley@cox.com, ietf-dkim@mipassoc.org
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org
X-SongbirdInformation: support@songbird.com for more information
X-Songbird-From: ietf-dkim-bounces@mipassoc.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f607d15ccc2bc4eaf3ade8ffa8af02a0

I believe that without policy records (we can discuss the particulars
later), the rest is useless.

Regards,
Damon Sauer

On 8/5/06, william(at)elan.net <william@elan.net> wrote:
>
> On Sat, 5 Aug 2006, John L wrote:
>
> >> In no way does accreditation=DKIM
>
> But policy records are in a way. Lets look at it in general -
> policy record is just a statement of what sender believes to
> be true about their email system setup and how receiver can
> use the email..
>
> Accreditation is basically the same thing but the difference
> is that its not sender directly saying it but that sender asked
> (paid) some other party to provide this information to the
> public (and depending on how good accreditation service is
> they might go through some sort of checks to verify its true;
> in the end its still that accreditation service has been paid
> by the sender and is thus not true neutral party no matter
> what they say). Another slight difference is that accreditation
> focuses more on the "use of the email" rather then email system
> setup. Reputation is actually highly similar too but in that
> case it only answers about "use of the email" from perspective
> of 3rd party that has [hopefully] nothing to do with the sender.
>
> We could in fact have a system/protocol that accommodates all of
> these at once. The difference would be that for "policy record"
> the answer would be found directly at the service run by the
> sender (or whoever appears to be the sender in case you need
> to check on that). In the case of accreditation you'd ask some
> 3rd party chosen by the sender where as with reputation you'd
> ask 3rd party chosen by the receiver. The questions asked could
> all actually be the same and could even be if that party always
> sends signed email.
>
> As far as example given by John [FDIC and banks], I think its
> special corner-case because banks members of FDIC so what
> FDIC does is answer a question if they are member or not
> and there is no doubt that FDIC is only place to reliably
> find this out. However if a bank were to have paid some
> other 3rd party to say this bank belongs to FDIC, I'd not
> believe it much more then if bank itself said that directly
> (in fact lawyers would say it should be believed less).
>
> --
> William Leibzon
> Elan Networks
> william@elan.net
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

v2.23.0 | Report a Bug | By Email