On Thu, 24 Aug 2006 01:28:48 +0100 Stephen Farrell
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:
Dave Crocker wrote:
So, the degree of enforcement for the content of *any* signed field is
not
stated as part of DKIM's specification.
For DKIM-base, yes, but not for DKIM.
Yes, that sounds right. DKIM-base says how to sign stuff but really
says little about what that stuff might mean.
Yes, but DKIM-SSP gets beyond that. The content of the 2822.From has to be
meaningful.
If so, then that doesn't seem to be dependent on the "SSP DSD"
mechanism. I've no position on whether that's right or not, but
haven't understood what the "SSP DSD" mechanism changes.
I think it changes not much. An operator signing first party need to
ensure 2822.From isn't forged. This is true whether they sign first party
based on the signing domain being the same or by being a DSD.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html