----- Original Message ----- From: "Wietse Venema" <[EMAIL PROTECTED]>
> The problem that you refer to is due to the mistaken belief that > DKIM signatures imply anything about rfc2822.from addresses. You keep saying that its a mistaken belief. Yet, DKIM-BASE is filled with sorts of implications about the x822.From address. See section 5.4. > We can eliminate the problem by simply taking DKIM signatures for what > they actually are: proof about the identity of the signing party, > not proof about the identity of the author. Now that is a mistaken belief that the problem will go away. :-) It is an implied proof about the identity of the author via the validation of the signature. What you are basically suggestion is that you shouldn't TRUST the From field. That's a difference mindset that will required special batteries! However, I think the overall mistake is not seriously taken into account failure analysis. I think it is also a mistake to presume all receivers are going take on unnecessary overhead where there is little payoff. And I think it is a HUGE mistake to believe the general public is just going to accept your (and Dave's) vague explanation of what DKIM is really all about. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
