----- Original Message -----
From: "Douglas Otis" <[EMAIL PROTECTED]>
To: "Hector Santos" <[EMAIL PROTECTED]>
> This is indeed a common refrain. Until MUAs are modified, DKIM
> offers no such protection however.
You are limiting your scope to offline world. What about the online world?
> When MUAs are modified, the signing-domain should be made
> visible in some manner.
Why?
In the perfect world of "chain of trust", the users just wants to see:
FROM:
TO:
DATE:
SUBJECT:
> This could by done when an initial message is received, where
> the user is asked to approve these identifiers.
Why can't his ISP do it for him?
> Anytime an identifier appears to have changed, or another
> message looks like a message with retained identifiers,
> they should be alerted.
Why bother and confuse the user at all?
> In that case, there would no need for an SSP scheme.
> None!
I love your ethusiam. But its not doing it for me. Sorry.
> This could be enhanced by offering recommendations
> contained directly within the signature on the scope
> of identifier needed to isolate the author.
Is this at the 821 level?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
ietf-dkim mailing list
http://dkim.org
