On Thu, 07 Apr 2011 16:44:56 +0100, Steve Atkins <[email protected]> wrote:
> On Apr 7, 2011, at 5:13 AM, Charles Lindsey wrote: >> E.g. DKIM-Signature: v=1; d=corp.example.com; <blah>; >> tx="birthdate=1970-02-24" >> >> or DKIM-Signature: v=1; d=corp.example.com; <blah>; >> tx="signed by List Expander" >> >> I suppose such a tag would have to be an extension to avoid recycling at >> Proposed. > > > It's not machine readable and has no semantics - so a sender who just > wants to stash human readable trace or advertising content (a-la > User-Agent) > could use a 5322 field just as well, possibly the "Comments". Yes, I thought of that. But my intent was that at least this tag would be reported in any Authentication-Results header, and that header is normally the first place people will look to resolve suspicions concerning signatures. Essentially, it is for human interpretation, but good luck to anyone who finds some way to use it automatically. The 'i=' tag is in a similar state. For sure it is useful to have some signed indication of who the actual author was (in situations where the signer can be sure of that). That was what 'i=' was supposed to achieve, but its semantics are a bit too weak for that. Nevertheless if (as seems to be the case) it is shown in the Authentication-Results it would have some value for humans (and even for automata when used with care). In practice, there are three usages which seem to be common; are there others? 1. FROM = Alice@whatever i=sales.example.com d=example.com 2. FROM = [email protected] [email protected] d=example.com 3. From = [email protected] [email protected] d=example.com. 1. Gives some clue, and avoids a different key for the sales subdomain 2. Is fine, but don't expect [email protected] to be a working email address. 3. Is a cause for suspicion, but it takes a human to realise the distinction between "bob" and "sales". So my inclination is to leave 'i=' there. It is currently used, and will continue to be used even if we remove it. It is not actually broke - just not quite fit for purpose. -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: [email protected] Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
