Keith Moore wrote: > As far as I can tell, the threats to individuals that result > from traceable network transactions are at least as great as > the threats that result from anonymity. We need to be > thinking in terms of balancing the risk from those two kinds > of threats. This is hard because the relationship between > the two kinds of threat varies from one place to another and > from one time to another. ACK. Nevertheless I want to be able to protect "my" mail from addresses as specified in RFCs 4408 and 4409, and if others prefer DKIM for slightly different purposes that's also fine, it only doesn't solve my problem. Of course I also do want to be able to send "from" unprotected addresses, e.g. to sort out technical issues, or if I'd want to send (pseudo-) anonymous mails. If receivers decide to reject all (pseudo-) anonymous mails it might be a dubious idea, but it doesn't justify to "forbid" or "block" the tested (SPF) / proposed (DKIM) protection schemes. If such schemes simply _cannot_ work as designed for technical reasons it's a different issue. The IAB decided that this is no reason to fix another proposal (SID), but at least it's very clear that it won't fly as proposed standard. And the authors are free to tackle the real problems in RFCs 2822 and 4409. Frank _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf