Dave Crocker wrote > > I like your wording enough to suggest that we try to assess support > for it among the list. > > I'm suggesting some minor changes, only to tighten it up a bit: > > > There is nothing in an ordinary email message, except for the RCPT TO line > and the IP address of the host that sent it to you, that is a reliable
> identifier. A validated DKIM signature lets you take some reasonable subset > of the message you received and know that it came from a designated source. > The main benefit of DKIM is that a validating agent can know where the > message came from. This is more reliability than email source > identification has ever had before. > This is useful, but seems to ignore the discussion that has been surrounding the fact the signature does not provide assurance about the source - rather it provides assurance that a specified signing party is vouching for the message. The signing party may be associated with the source, or they may not be. Accepting the message on the basis of the signature implies accepting the relationship between the signing agent and the message originator. _______________________________________________ ietf-dkim mailing list <http://dkim.org>
