[ not about ADSP, about DKIM ]
An acquaintance points out that one could prepend an extra From: or
Subject: header to a DKIM signed message, which wouldn't break the
signature, but would often be displayed by MUAs which show the new one
rather than the old one. Needless to say, that weakens the practical
benefit of DKIM for people with MUAs like that.
My theory is that DKIM only applies to valid 2822 messages, and it's not a
substitute for a sanity check for all the screwy things one can send in a
non-conformant message. Perhaps it would be a good idea someday to
collect experience and advice into an implmentation guide, but other
than that, it's not our problem. Agreed?
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
NOTE WELL: This list operates according to