Barry, et al,
We have to be clear about what DKIM is and isn't.
DKIM is something that lets a sender say "my domain sent this message".
(no eye-rolling is allowed, here...)
When I harp about the problems of using the term "sender", for DKIM, it is for
exactly this type of discussion.
If you went out and asked 20 non-technical people -- enough to make an
interesting sample of the population -- what they think your above sentence
means, I predict that all 20 would respond that the semantics were along the
lines of "someone in that domain wrote the message", rather than something like
"something (person/software) related to that domain *handled* the message."
My own view is that getting the technology right is frankly the minor challenge,
in getting widescale deployment and use of DKIM. The major challenges are
a) expectations for it, and
b) ease of administration and use.
A misunderstanding of the actual meaning of a DKIM signature seems certain to
defeat the first requirement. At the least, try thinking of how poor the new
reporting on DKIM is likely to be when the reporter is subject to this
Even within the DKIM technical community, there seems to be a pretty wide range
of beliefs about the meaning of a DKIM signature. I suspect this very thread
In particular, any attempt to include that sort of information in DKIM
is explicitly out of scope for this working group.
Given the predisposition folks have towards such misunderstandings, it well
might be worth a distinct section of text (with a table of contents entry) that
anticipates the problem and discusses it.
NOTE WELL: This list operates according to