Scott Kitterman wrote: > I think that a requirement to sign RFC 2822 required identity header fields > (From and Sender if present) makes a lot of sense. I expect that if we don't > make this a requirement in Base, then in operations, receivers will pay > little attention to signatures that don't include them.
The critical language in your note is "I expect that". THe entire point about distinguishing mechanism from policy is that the latter is subject to learning and preference. Although your expectation might be right, it might not. Either way, it does not affect the technical mechanism for creating a signature and validating it. What it DOES affect is the UTILITY of that signature. But lots of things affect that utility. That's the stuff of policy work. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
