--On Sunday, 01 January, 2006 15:49 -0800 Douglas Otis
<dotis@xxxxxxxxxxxxxx> wrote:
>...
> The risks related to interoperability will more likely result
> from assuming authorization authenticates the source. This
> authorization strategy may benefit larger domains, but will
> be corrosive to goals of interoperability and integrity. To
> avoid the misapplication of this mechanism, there are
> suitable alternatives to authorization for the DKIM effort.
> DKIM offers a significant value without authorization to
> establish expectations. Not endorsing authorization schemes
> also discourages possible burden-shifting of the short-
> comings of DKIM. Hopefully, not allowing this tactic will
> lead to a better, safer, and far more fair solutions.
Indeed. And, along the lines of my response to John, and to
Dave's request to be specific, that sort of analysis and
description is _precisely_ what I believe should be required to
be written into text, get WG rough consensus on its
appropriateness and accuracy, and then make its way into the
WG's deliverables.
If agreement on such comments can be reached, I believe that
such a requirement is reasonable and not particularly
burdensome. If such agreement cannot be reached, then I think
DKIM has much more serious problems about applicability and the
definition of the problems being solved than whether or not this
is required.
john
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf