On Tue, 26 Apr 2011 05:29:35 +0100, Dave CROCKER <[email protected]> wrote:
>> DKIM doesn't create any binding between the RFC5322.From domain and the >> "d=" >> value as you're doing. What you're talking about here falls into the >> realm >> of ADSP or other policy-like assertions, not DKIM itself which is the >> topic >> of this draft. > > > Perhaps I am wrong, but I believe that this point has been made and > re-made > enough times to warrant not making it again. Not so. DKIM specifically requires that the From header be included in the signature. Hence end users (and that included verifiers) are entitled to assume that if there is a valid signature, then "the" From header that they see before them was signed. So there does already exist a binding quite independently of ADSP or reputation suystems, or any other "addons". -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: [email protected] Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
