> [mailto:[EMAIL PROTECTED] On Behalf Of Scott Kitterman
> > 1) Providing a mechanism whereby an Internet domain name owner can > > claim responsibility for an email message > > > > 2) Provide a mechanism to allow notification of an Internet domain > > name owner's policy for claiming accountability > > > > 3) Provide an authentication platform on which TTP providers of > > accreditation and/or reputation information can build products that > > are tied to a domain name rather than an IP address. > > > > Forgery then falls out of the goals section of the charter, it is > > simply an attack that might be attempted. > > > In saying that, do you think that your #2 policy set includes > describing > an authorized set of relationships between use of their domain in > certain header fields (e.g. From:) and the signing domain? Lets stick to the case where the sender describes what they do. 'Authorization' is a term of art. DKIM does not contain any data that meets the established term of art. > Also, does DKIM provide an authentication platform or an > authorization > platform? Authentication. _______________________________________________ ietf-dkim mailing list http://dkim.org
