On Mon, Oct 22, 2007 at 02:16:52PM -0700, Mark Delany wrote: > On Oct 22, 2007, at 1:37 PM, Jon Callas wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >>> So if he said i=subdomain.example.com, then surely the From/Sender >>> can be expected to be from that subdomain; and if he said >>> [EMAIL PROTECTED], then surely recipients can assume that >>> 'someone' had indeed played some part in sending it. >>> >> >> Absolutely not. DKIM is a protocol in which one administrative domain >> speaks primarily to other administrative domain. It's not a domain-to- >> user protocol nor a user-to-anything protocol. The i= parameter can >> be anything the signing domain wants it to be. It is unlikely to be >> an outright lie (for example, I mark all mail coming from alice with >> bob), but it may be. >> > > I liken i= to IDENT (RFC1413). The values *may* be meaningful to the > administrative domain, but that's all that can be said about it.
It would be very useful. Think d=bigmarketingcompany.com [EMAIL PROTECTED] d=bigmarketingcompany.com [EMAIL PROTECTED] d=bigmarketingcompany.com [EMAIL PROTECTED] etc. One signing domain, one DKIM entry in DNS, but many identities. -- :: Jeff Macdonald | Director of Messaging Technologies :: e-Dialog | [EMAIL PROTECTED] :: 131 Hartwell Ave. | Lexington, MA 02421 :: v: 781-372-1922 | f: 781-863-8118 :: www.e-dialog.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
