On May 1, 2006, at 8:30 PM, Mark Delany wrote:
On Mon, May 01, 2006 at 07:07:19PM -0700, Douglas Otis allegedly
Is this r= thing fundamental to that [verification] function or
could it be developed as a separate exercise above and beyond the
A good point. There is no desire...
The good news is that the first 100 words seemed like they were
trending towards a no, so I'll run with that.
There remains a serious, but easily corrected, limitation with the
basic DKIM mechanism that threatens retention of trust for specific
sources within a signing-domain. This limitation should be overcome
at the outset to avoid a counter-productive practice that employs
additional domain names as a means to isolate less trustworthy
sources. It would be an unfortunate oversight that reduces security
and safety by not permitting the signer a means to identify specific
trustworthy sources within a common domain.
NOTE WELL: This list operates according to