On Wed, Apr 9, 2025 at 8:17 AM Pete Resnick <resnick= 40episteme....@dmarc.ietf.org> wrote:
> On 7 Apr 2025, at 13:11, Dave Crocker wrote: > > Bron, > > On 4/7/2025 10:53 AM, Bron Gondwana wrote: > > I buy this argument. You're quite correct, DKIM doesn't have any actual > problems. It's perfect. It does exactly what it's specified to do. > > DKIM is also insufficient for the purpose for which it's trying to be > used. And there's an argument that "the purpose of a system is what it > does". > > My point is that it is fine for what it is trying to do. It does exactly > that. That's sufficiency, not insufficiency. > > I suspect you two just talked past each other because of Bron's use of the > passive in his second paragraph. If I understand correctly, Bron is saying > that DKIM is insufficient for the purpose for which *certain anti-spam > mechanisms* are trying to use it. Or maybe for the purpose for which some > other thing is trying to use DKIM. But either way, that DKIM is sufficient > for its designed purpose, and insufficient for some other purpose. That > isn't surprising, but maybe that needs to be clear in one of the documents. > +1, I think they're both right. DKIM has proven to be a font of attractive nuisances. It would be so much better "if only we could solve replay", or "if only we could recover author signatures", or "if only we could control bounce noise", or "if only we could tie it to the From domain." These always seem to be eternally elusive, which is why they keep coming up and the proposed solutions, every iteration of which often looks remarkably like the one before it, never seem to go anywhere (or they get forced, with ugly results). I think DKIM's curse is that it is -- or was, when it first appeared -- so promising of a development that people expect it, by itself, to deliver more than it can. Maybe it got over-hyped, despite careful use of language like "take some responsibility" or "noise-free channel" or "associate a domain name", and so when some derivative capability isn't possible, it's identified as a shortcoming. Pete wants to drive to Chicago, but his fancy new car can only go as far as Calumet City. You can almost see Chicago from there, but you can't experience it. Imagine the frustration. So while I think we should continue to be crisp in how we talk about what DKIM really does, and not more, I also fully understand where people are coming from who tend to use language that identifies these absent things as defects, because it really does feel like they should be there, or at least be within our grasp. -MSK
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
