The DKIM draft mentions:
"Under no circumstances should an unsigned header field be displayed
in any context that might be construed by the end user as having been
It could be extended further:
The "From:" header should not be signed if it contains more than one
An alternative, for the core document, is merely to note that display of
identity-related fields is a highly sensitive aspect of application
usability and that consideration of the design issues affecting it is
outside the scope of this specification.
Having the core document give ANY normative guidance on user interface
design and cognitive processing concerns -- note the draft text says
"should" -- or for that matter any guidance at all is not going to help the
focus or utility of the document's main purpose.
ietf-dkim mailing list