- From: James A. Donald <jamesd@echeque.com>
- Date: Mon, 19 Jun 2006 11:23:57 +1000
- To: Amir Herzberg <amir.herzberg@gmail.com>
- CC: public-usable-authentication@w3.org, pbaker@verisign.com
-- James A. Donald: > > Authentication without reputation management is > > useless. The purpose of authentication is to > > support reputation management. DK and SPF are > > attempting to walk around on one leg. Amir Herzberg wrote: > I agree on the importance of reputation and/or penalty > mechanisms (that's where most of my work in this area > is). However, I think you are a bit carrying it too > far. DKIM, and even SPF, allow organizations to use > whitelisting; that's already valuable (and of course, > it is also a basic reputation system, so you are not > wrong Yes, but I cannot usefully whitelist senders of authenticated messages either, which means no one has much incentive to authenticate their mail. In a previous post, Hallam-Baker, Phillip wrote : : This is why we began circulating the VeriFied : : Domains List which has over 100,000 : : authenticated domains listed on it. If I could whitelist authenticated emails from domains on his list, plus various random friends and relatives, that would be useful to me. If lots of people started whitelisting, then suddenly domains would want to use DK and SPF. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG VdTVET6A0Z/r3TptDMcvBKZlqs1Wlmedt6d6I20g 4JuH0WpKw+myB69OShDYGfuvGN6Bg/6sPwkaBt/Qw
Received on Monday, 19 June 2006 01:24:03 UTC