John R. Levine wrote:
Gee, how many ways are there to say that i= doesn't identify the user?
The i= field doesn't do that. DKIM doesn't identify individuals, only
Your statement is not correct.
The spec says that it *does* identify a user.
It does not say the identification is an email address.
It does not say that the user is the author.
It does not say that anyone other that the creator of the identification
parse and comprehend the identifier.
But it does say that it is the user who the signing was done "on behalf of".
NOTE WELL: This list operates according to