Jim Fenton wrote:
> I'll stipulate that accountability may be the wrong word. However, your
> rewording doesn't pick up the concept that the domain registration may
> be fraudulent, and in that case I don't think it's properly assigning
> accountability. I was trying to convey that there is a dependency here
> that puts an upper bound (a rather low upper bound, at that) on the
> ability to identify the domain owner of a properly signed message.
>
How about the following:
DKIM's ability to identify a domain owner is [also] bounded by
whatever checks a registration authority imposes.
Eliot
_______________________________________________
ietf-dkim mailing list
http://dkim.org