>I intially saw a need for a MUA considerations because: >* I still hope DKIM will help protect email identity >* end users rely, or should rely, on their MUA to present verified identity >information in an easily digestable way.
Hmmn. Not to be unduly snarky, but I have the impression that this is some other DKIM than the one defined in RFC 4871. DKIM associates a signing identity, which is a domain name, with a message. That's all it does. It has nothing to do with "verified identity information" by which I'm guessing you mean something about the contents of the From: line. There are other IETF standards that may be useful for your purposes. Please look at RFCs 5750 through 5755, the latest version of S/MIME, which associates an X.509 signature with the MIME body of a message. The signature includes various identity attributes of the signer, generally including a name and e-mail address, and is itself signed by a mutually trusted signing agent. Nearly all MUAs in use today have S/MIME support built in, or at worst an easily installed plug-in. Since you say you're interested in having MUAs present verified identity information, which they do right now, automatically, with S/MIME signatures, I'm kind of surprised you're not using it now. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
