"John R Levine" <johnl@xxxxxxxx> writes:

>> OK. If this is just an assumption and not backed by evidence, I would
>> suspect that outside of the web you see a lot less use of the big CAs.

This is my impression as well. And a fair amount of the reason here is UI:
the browsers are set up to check the server's cert and the MTAs generally
are not.

> Probably true. And since DKIM has no provision for authorities at all, it
> definitely doesn't use them.

Well, yes and no. DKIM depends for its security on the DNS, which means that
it depends on the security of the DNS. In order for this to be strong (i.e.,
cryptographic) security, the relevant DNS records need to be signed and that
means that there's a dependency on the DNSSEC roots.

> So remind me, what is the problem with DKIM that we're all supposed to be
> worried about?

As I understand it the concern is that people who don't use DKIM will
eventually not be able to send e-mail to people who are using it. I'm not
sure that this is something that people should be concerned about; indeed,
the logic of this kind of system is that if it succeeds that's exactly what
will happen.

That said, I don't think that the comparison with STARTTLS is particularly
illuminating. While in principle one could use STARTTLS as a measure to
discriminate between classes of senders, in practice it's not used that way
but instead used primarily for confidentiality. However, DKIM's only real
use is to discriminate between classes of senders, so we do need to expect
it to be used that way.

-Ekr

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
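The point Ekr makes about DKIM's trust chain, worked through as an added example that is not part of the thread: a DKIM verifier fetches the signer's public key from a TXT record at `selector._domainkey.domain`, so the key is only as trustworthy as the DNS answer that delivered it. The only wire-level signal that a validating resolver checked the DNSSEC chain is the AD (Authenticated Data) flag in the response header. The code below, using only the Python standard library, builds a constructed DNS response (a fictional selector under `example.com` and a placeholder key, not a real capture), parses the TXT record and the DKIM tag list, and classifies how strong the resulting trust in the key is. All function names are this example's own.

```python
"""Added example: how much a DKIM verifier can trust a fetched key record.

The DNS messages here are constructed for the example; the selector, domain
and key material are placeholders, not real data.
"""
import struct
from typing import Dict, List, Tuple

TYPE_TXT = 16
CLASS_IN = 1
FLAG_QR = 0x8000   # message is a response
FLAG_RD = 0x0100   # recursion desired
FLAG_RA = 0x0080   # recursion available
FLAG_AD = 0x0020   # Authenticated Data: the resolver validated the answer with DNSSEC


def _encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_dns_response(name: str, txt: str, ad: bool) -> bytes:
    """Construct a minimal DNS response carrying one TXT record (test data only)."""
    flags = FLAG_QR | FLAG_RD | FLAG_RA | (FLAG_AD if ad else 0)
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, 1, 0, 0)
    question = _encode_name(name) + struct.pack("!HH", TYPE_TXT, CLASS_IN)
    # TXT RDATA is a sequence of <len><chars> strings, each at most 255 bytes;
    # long DKIM keys are therefore split across several strings.
    data = txt.encode("ascii")
    chunks = (data[i:i + 255] for i in range(0, len(data), 255))
    rdata = b"".join(bytes([len(c)]) + c for c in chunks)
    # 0xC00C is a compression pointer to the name at offset 12 (the question).
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_TXT, CLASS_IN, 3600, len(rdata)) + rdata
    return header + question + answer


def _skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:        # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + length


def parse_txt_response(msg: bytes) -> Tuple[bool, List[str]]:
    """Return (dnssec_validated, txt_records) from a DNS response message."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & FLAG_QR:
        raise ValueError("not a DNS response")
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4   # skip QTYPE and QCLASS
    records = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_TXT and rclass == CLASS_IN:
            # RFC 6376 requires the character-strings to be concatenated before use.
            pos, parts = 0, []
            while pos < len(rdata):
                n = rdata[pos]
                parts.append(rdata[pos + 1:pos + 1 + n].decode("ascii"))
                pos += 1 + n
            records.append("".join(parts))
    return bool(flags & FLAG_AD), records


def parse_dkim_record(txt: str) -> Dict[str, str]:
    """Parse the tag=value list of a DKIM key record (RFC 6376 section 3.6.1)."""
    tags: Dict[str, str] = {}
    for field in txt.split(";"):
        if "=" in field:
            k, v = field.split("=", 1)
            tags[k.strip()] = v.strip()
    if tags.get("v", "DKIM1") != "DKIM1":   # v= is optional, but if present must be DKIM1
        raise ValueError("not a DKIM1 key record")
    if "p" not in tags:                      # p= is the only mandatory tag
        raise ValueError("key record has no p= tag")
    return tags


def assess_dkim_key(msg: bytes) -> Dict[str, object]:
    """Say what a verifier may actually trust about the key it just fetched."""
    validated, records = parse_txt_response(msg)
    if len(records) != 1:
        raise ValueError("expected exactly one key record")
    tags = parse_dkim_record(records[0])
    if tags["p"] == "":
        trust = "revoked"            # an empty p= tag means the key is revoked
    elif validated:
        trust = "cryptographic"      # signed DNS chain back to the DNSSEC root
    else:
        trust = "unauthenticated"    # trust rests on the DNS transport alone
    return {"algorithm": tags.get("k", "rsa"), "public_key": tags["p"],
            "dnssec_validated": validated, "trust": trust}


if __name__ == "__main__":
    name = "sel1._domainkey.example.com"              # fictional selector
    record = "v=DKIM1; k=rsa; p=PLACEHOLDERKEYBASE64"  # placeholder, not a real key
    for ad in (True, False):
        print(ad, assess_dkim_key(build_dns_response(name, record, ad)))
```

The AD bit is set by the validating recursive resolver, not by the authoritative server, so it only means something when the verifier trusts the path to that resolver (a local validating resolver, or a resolver reached over an authenticated channel); a stub that accepts the flag from an arbitrary resolver over plain UDP has gained nothing. Without either that or validation in the verifier itself, the "cryptographic" branch above is the one a deployment never reaches.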