The issue is mandatory end-user identification with i=.
To make it more concrete, can we take this as a proposal to
change section 2.8 to remove references to the local-part?
An "Originator Signature" is any Valid Signature where the domain of
the signing address (the domain of the "i=" tag if present,
otherwise its default, the value of the "d=" tag) matches the domain
of the Originator Address. The domains are matched using the usual
rule, a case-insensitive ASCII comparison.
I'm all in favor of this for a variety of reasons. Existing RFCs have
carefully avoided saying anything about local-parts, and in particular
whether two addresses are the "same". RFC 2821 notes that unlike
everything else in SMTP, you can't even assume that local-parts are
case insensitive so Jim(_at_)blah(_dot_)com and jim(_at_)blah(_dot_)com may be
Or they may not.
I sympathize with senders' desire to do DKIM key management, but my
sympathy does not go so far as to require recipients to help them do
NOTE WELL: This list operates according to