In particular, any attempt to include that sort of information in DKIM
is explicitly out of scope for this working group.
I thought we have moved on to SSP? SSP is not out of scope. Correct? I am
referring to SSP to help answer many of these questions being raised,
including this thread about nth signatures and ambiguious mandate on how it
should be "Intepreted!"
Well, first, we're still focusing on the base, which is supposed to be
done within two months now.
Second, even SSP does not aim to address the quality of the message or
the trustworthiness of the signer. The closest it comes to that is that
in the current formulation, the RFC822 From domain can advise the
recipient that it would like them to be suspicious of messages that are
not signed directly by it.
Barry Leiba, Pervasive Computing Technology
NOTE WELL: This list operates according to