On Monday, August 01, 2011 08:48:04 AM Nathaniel Borenstein wrote: > I find it amazing how many different ways there are to criticize DKIM for > not doing something it was never intended to do. DKIM is a small building > block that enables new functionality, but such functionality is beyond the > scope of DKIM. > > DKIM does one thing, and one thing only: It uses a cryptographic signature > to associate a domain with a message. By doing so, it creates strong > evidence that the message passed through that domain at some point and has > not been significantly m ... In fairness to Hector, the functionality that he is complaining is missing was part of the original working group charter. I think it's unfortunate (and I said so at the time) that the group chose to define a core DKIM protocol first and then attempt to bolt a policy mechanism on afterwards. It's rather not suprising it didn't work out well (ADSP). So you are correct, it does one thing and one thing only, but that's because the WG decided to build it that way, not because the WG was limited to that. Of course, now, it is what it is and there's no changing that, but I also think it's reasonable to think it could have been done better. Scott K P.S. It's possible I may mis-remember WG versus pre-WG discussions here, but either way it was a poor (IMO) way to attempt to tackle the work. _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf