On August 9, 2005 at 13:13, Dave Crocker wrote: > The intended thought was that having ANY accountable entity -- where the > accountability is meaningful -- improves the likely validity of the other > identity fields. > > So, no, I had not intended to make direct validation of From or Sender a prim > ary > goal.
If I understand your goals correctly, you see DKIM mainly defining the domain owner the accountable entity for messages sent from that domain versus the author/sender of the message. This implies that the domain owner has some effective "policing" mechanism of the messages that come from that domain regardless of who the author/sender is. The author/sender has no direct accountability, or verifiability, of their messages, with the exception of whatever domain-defined accountability mechanism may be in place. I.e. The author/sender is only accoutable to the owner of the domain it sends message from. If any messages from a domain are abusive in nature (e.g. phishing), it is the responsibility of the respective domain owner to address the offending authors/senders, assuming that not doing so could get the domain's reputation tarnished. Since end user recipients do not need DKIM-aware MUAs, determining which domains are "abusive" are the responsibility of receiving domain owners. Am I accurate in my summation? --ewh _______________________________________________ ietf-dkim mailing list [email protected] http://mipassoc.org/mailman/listinfo/ietf-dkim
