> At 15:30 15-08-2005, Earl Hood wrote: > >Care must be taken that no accountability is assumed on behalf of > >the signer on the desirability of the message. The signature just > >states that a given message passed through their system. > > Even if DKIM Signature does not make the signer responsible or > accountable, some people may infer it.
All the more reason to make the semantics clear, to make assertions of accountability explicit, and to provide some (informative, not normative) advice to implementers regarding use of DKIM signatures in presentation and filtering. There's a huge potential for misunderstanding, but that comes with the territory. We might even do well to avoid using the word "Signature" in message headers and whatnot. The meaning of "signature" in the crypto world is different from the meaning of "signature" in the paper world. Keith _______________________________________________ ietf-dkim mailing list http://dkim.org
