On Thu, Aug 3, 2023, at 11:08 AM, Laura Atkins wrote:
> I agree with this and have been working to recruit folks to come here. I’ll
> also be in Brooklyn and pitching the need for participation in the IETF
> working group from folks in the email space who are seeing issues with this.
I'll be there and interesting in participating. As an ESP/infrastructure
provider I can say that we are "having" the issue, but can't say that we
"seeing" the issue since visibility is only available to anti-spammers, and
domain owners (who receive DMARC reports).
I recall various assertions that the reason why DMARC has been successful is
primarily because of the Reporting benefits (and I certainly agree with this
assertion from my background as an enterprise domain owner), while the
Conformance benefits seem to be more elusive (as evidenced by the inconsistent
adoption by receivers and the debates around interoperability issues with
indirect mail streams). Of course, the Authentication benefits are provided by
DKIM/SPF, and yet DKIM signers have no standard mechanism to receive reports of
how their signatures are being misused.
If people think that Reporting is the reason why DMARC has been successful,
then could we conclude that the lack of Reporting to DKIM signers is a problem
worth addressing?
The company I work for indexes very highly on measurability. If an initiative
can't be measured, there is no way to measure its success, so it is very hard
to prioritize.
Jesse
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
