Likely DKIM endgame

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eric,


No, I don't have any empirical evidence for asserting that it's
certain or likely to occur. But in truth nobody has much empirical
evidence for anything here, so we're reduced to theorizing.

Serious theorizing works carefully from an empirical base, with a clear logic sequence. This never guarantees that they are correct, but does serve to vet their legitimacy.

Theorizing absent this kind of effort is not theorizing.  It is fantasizing.

There are an infinite number of possible fantasies and their injection into a project management effort, such as the start of a standards process, mostly -- I even suspect exclusively -- serves as distraction, particularly when they are repeated forcefully.


Now that we've got that out of the way, it's worth working through the
reasoning of why I think (b) is the likely endgame.

It certainly is.


The basic value proposition of any sender authentication system as an
input to filtering is that lets you increase the sensitivity of the
filters, while still obtaining an acceptable overall false positive
rate.

Nicely said.  (And, by the way, I agree with the statement.)


 Imagine that without sender auth, your filters have a false
positive rate of P and a false negative rate of N. With sender auth,
some fraction of those false positives will be eliminated, letting you
dial up the sensitivity of the filter. If we assume that the sender
authentication is perfect, then we get the following:

Message Authenticated Yes No False positive 0 P' (P' > P) False negatives 0 N' (N' < N)


But this makes it even more attractive for the good senders to
authenticate their messages (because otherwise they stand a higher
chance of being rejected) which means that the receivers can increase
the sensitivity of their filters, and so on.
> So, at the end of the
day, if something like DKIM is successful, I would expect an
equilibrium where filters are set extremely high and nearly all good
senders authenticate their messages because otherwise they stand
an unacceptably high chance of having them rejected.

I am less certain of "expect" than I am of "hope for".

In any event, that is quite different from *requiring* everyone to sign, or automatically rejecting all unsigned mail. Yet these are what you were putting forward.

Further as was pointed out at the BOF, the scenario you have describe is a voluntary community collaboration. So if the outcome you describe occurs, it will be because the community agrees that they like that outcome.

This makes it really perplexing to view it as a problem.


d/
--

Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux