In my view, security has taken the back seat in DKIM. As an feature or option, Author Domain Policy MUST be part of the package before "it is shipped."
If you interested in the federal and industry concerns in how there is a lack of security, thumbing down of security, not patching of known issues, the lack of disclosure and the need for "Security By Design", then get some coffee, sit back and watch this Congressional Hearing video on CSPAN2: http://www.c-spanvideo.org/program/DataT Also see this article in how depending on a SINGLE TRUSTED SIGNER can be affected when SECURITY is throw by the DKIM waste side - see item #1 and #2 below: http://www.280group.com/blog/?p=1330 What does this mean for the affected companies. (1) Time to get a new online marketing vendor. (2) A probable loss in the effectiveness of your online marketing campaigns, at least for email, and (3) it is important to get out in front of this issue, so your customers don’t get victimized by scams. Ironically, in the congressional hearing, one representative suggested the idea of a "Turn off Switch" - ADSP would be perfect to turn off a turned off or revoke a trusted signer who was breached. -- Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html