Earl Hood wrote:
In general, DKIM isn't an end-user signature; it's a signature from a domain owner (or, more accurately, whoever controls the _domainkey subdomain of a domain). Signatures are usually created by gateways; we don't expect MUAs to be signing things in most cases. So perhaps the question should be, "How do you distinguish between a signature from the original end-user's domain for that end-user?"On October 11, 2005 at 21:50, "Hallam-Baker, Phillip" wrote: DKIM SSP approaches this a little differently. Given the fact that it's almost always the RFC 2822 From: address that gets displayed to the recipient, it asks whether there is a valid signature for that address on a message. If so, it's considered a "first-party" signature and satisfies an Exclusive signing policy (denoted by !), and if the only valid signature(s) are for other addresses, it's a "third-party" signature and might be handled differently. -Jim |
_______________________________________________ ietf-dkim mailing list http://dkim.org
