perhaps not, but if DKIM doesn't address either phishing, spam, or
viruses, and it doesn't authenticate content authorship, what good is it?
I said that I don't think phishing should be combined so closely with
the problem of spam. But you throw in viruses and claim that it doesn't
address any of the combined three. Where's this coming from? I think
you're wrong: DKIM does address spam and email-borne viruses.
No it doesn't, it just accepts on faith that signatures with vague
semantics and poor granularity are enough to distinguish spammers and
virus propagators from well-behaved senders, and defers the actual work
of distinguishing between these to a vaguely concept of reputation
servers, which is out-of-scope for DKIM therefore doesn't have to be
understood.
In other words, it's not solving the problem or even trying to
understand the problem, it's just moving it.
Keith
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf