Suresh Ramasubramanian wrote:
On Wed, Jan 28, 2009 at 8:05 PM, Dave CROCKER <dcrocker(_at_)bbiw(_dot_)net>
wrote:
Including the From: field in the DKIM hash does *not* carry the semantic
that it has valid content!!!!!
As I said .. in certain cases.
...
Send email through our webmail after having logged into your webmail
account with us, an you can't change the from field. Then?
There is a difference between what semantics a particular signer has for their
selection and use of signatures, versus what the standardized protocol conveys.
The signer might choose to sign only those messages that are created by authors
with blue eyes, or that contain the word "fickle", but there is nothing in the
DKIM base protocol that communicates this to the message validator or the
message assessor.
There are exactly two bits of semantic information in a DKIM signature:
1. The portion covered by the hash is the same as it was at the time the hash
was computed.
2. The d= field is being used by someone who has obtained the private key for
that domain name. This is the mechanical definition that DKIM uses for "taking
some responsibility" for the message.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html