On Wednesday 09 August 2006 14:34, Tony Hansen wrote:
-1
I want companies such as eCard senders or News Agencies to be able to 1)
send a message on my behalf while 2) marking themselves as the sender
and 3) being able to sign the message. This minimally requires support
for RFC2822.Sender as well as RFC2822.From.
I *would* support changing it to
1. Mail with a RFC2822.From or RFC2822.Sender A is sent to B with a
missing or broken DKIM signature
This has nothing to do with PRA and its support for Resent-From and/or
Resent-Sender.
Agree it has nothing to do with PRA, that's why I say don't use the word
purported.
Since many popular MUAs do not display Sender, including Sender defeats nearly
the entire purpose of the Bigbank example. I think what you would want then
is the DKIM signing complete practice.
I think we went around several times on From or From/Sender and there was (in
my opinion, which I know counts for exactly nothing) a reasonable rough
consensus that From was what we should focus on.
Keep in mind that the Big Bank example is explicitly about phishing targets
that are willing to accept breakage of some legitimate e-mail functionality.
That doesn't sound like your case.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html