All of this has been aired extensively among experts on at least two
public lists as well as many private ones. I have personally had a lot
to say on the matter but don't see the point of repeating it here.
Mark
On Aug 26, 2005, at 10:23 AM, Keith Moore wrote:
perhaps not, but if DKIM doesn't address either phishing, spam, or
viruses, and it doesn't authenticate content authorship, what good
is it?
I said that I don't think phishing should be combined so closely with
the problem of spam. But you throw in viruses and claim that it
doesn't address any of the combined three. Where's this coming from?
I think you're wrong: DKIM does address spam and email-borne
viruses.
No it doesn't, it just accepts on faith that signatures with vague
semantics and poor granularity are enough to distinguish spammers and
virus propagators from well-behaved senders, and defers the actual
work of distinguishing between these to a vaguely concept of
reputation servers, which is out-of-scope for DKIM therefore doesn't
have to be understood.
In other words, it's not solving the problem or even trying to
understand the problem, it's just moving it.
Keith
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf