> If I understand your goals correctly, you see DKIM mainly defining the > domain owner the accountable entity for messages sent from that domain > versus the author/sender of the message.
This is precisely what DKIM does. It is the domain administrator who defines the DNS records used by DKIM and DKIM's granularity of the validated identity is a domain name. >This implies that the domain owner > has some effective "policing" mechanism of the messages that come from that Yes. > The author/sender has no direct accountability, or verifiability, of their > messages, with the exception of whatever domain-defined accountability > mechanism may be in place. I.e. The author/sender is only accountable to > the owner of the domain it sends message from. Yes. > If any messages from a domain are abusive in nature (e.g. phishing), it is > the responsibility of the respective domain owner to address the offending > authors/senders, assuming that not doing so could get the domain's > reputation tarnished. Yes. > Since end user recipients do not need DKIM-aware MUAs, determining which > domains are "abusive" are the responsibility of receiving domain owners. Yes. > Am I accurate in my summation? With respect to my own understanding of the mechanism DKIM provides, your summary is quite excellent, in wording, precision and accuracy. d/ --- Dave Crocker Brandenburg InternetWorking +1.408.246.8253 dcrocker a t ... WE'VE MOVED to: www.bbiw.net _______________________________________________ ietf-dkim mailing list [email protected] http://mipassoc.org/mailman/listinfo/ietf-dkim
