Suresh Ramasubramanian wrote:
> On Wed, Jan 28, 2009 at 7:42 PM, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net>
>> It provides data integrity, for the portions covered by the hash, and it
>> authenticates the asserted "signing identity". It does *not* assert
>> authorization of the From: field.
>
> Unless the from field is signed .. and perhaps this is appropriate in
> quite a few scenarios.

NO NO NO NO NO!!! A thousand times NOOOOOOO!!!!!
Including the From: field in the DKIM hash does *not* carry the semantic that
has valid content!!!!!
Mail sent through mipassoc.org, such as this DKIM wg mailing list
are signed by my ISP. I guarantee you that the ISP does not evaluate whether
the From: field is authorized to be used by the author. All that a DKIM
signature means is that the "signing identity" -- in this case, mipassoc.org,
which has nothing to do with the author -- is taking some responsibility for
message. And the nature and degree of that responsibility is intentionally left
That's massively different from saying that particular portions of the
message are "correct".
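
Added example, not part of the original message and not code from any DKIM implementation: a small Python check that reports the signing identity (`d=`), whether From: is listed in `h=`, and the author's domain as three separate facts. The sample message, its placeholder `bh=`/`b=` values, the `example.net` and `example.org` addresses and the function names are constructed for illustration; no cryptographic verification is performed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: header values are illustrative, not a real signature.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mipassoc.org;\n"
    " s=sel1; h=From:To:Subject:Date;\n"
    " bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Example Author <author@example.net>\n"
    "To: list@example.org\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

def parse_tags(value):
    """Split a DKIM-Signature value into tag=value pairs (RFC 6376 tag-list)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def describe_signature(raw):
    """Report what the signature header says, keeping each fact separate."""
    msg = message_from_string(raw)
    tags = parse_tags(msg["DKIM-Signature"])
    signed = [h.lower() for h in tags.get("h", "").split(":")]
    author_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    signer = tags.get("d", "").lower()
    return {
        "signing_identity": signer,              # who takes responsibility
        "from_in_hash": "from" in signed,        # integrity coverage only
        "author_domain": author_domain,          # what the From: field claims
        "signer_is_author_domain": signer == author_domain,
    }

if __name__ == "__main__":
    for key, value in describe_signature(SAMPLE).items():
        print(f"{key}: {value}")
```
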