On 10/1/2010 1:27 PM, McCann Peter-A001034 wrote: > The fundamental problem with the current situation is that the > authenticated identity is not displayed and the displayed identity > is not authenticated.
Forgive my pursuing it in this fashion, but I'd class that as a first derivative, rather than fundamental. (But, then, first derivatives are important.) Fundamental is that DKIM is not trying to authenticate the message and it is not trying to authenticate any identity such as From: It is merely trying to affix a /separate/ identifier, with a claim that its being affixed is valid, but not that it relates to any other aspect of the message. In other words, it is trying to identify message streams, rather than "validate" messages or authors. The fact that DKIM uses underlying crypto algorithms keeps confusing people into wanting to use it the way OpenPGP or S/MIME are designed to be used. Ain't gonna work. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
