On Mon, 2004-11-01 at 04:07 +0000, John Levine wrote:
Well, yeah. We've hashed over this a million times. There are
plausible arguments in favor of both 2821 and 2822 addresses, but I
was under the impression that the consensus here was that we're
signing 2822 addresses.
I was under the impression it was still a bit undecided. And the only
coherent argument I've seen for RFC2822 addresses is the visibility
thereof -- which I increasingly believe to be a bogus argument. Did I
miss other reasons why we might want to use RFC2822 addresses?
This is an area where we really won't know
how well things work until there are substantial experiments, and of
the proposals I'm aware of, the only ones that have been implemented
and used much are DK and TEOS, both of which sigh 2822 headers.
I'm waiting for one of these to look even vaguely deployable. It looks
like IIM just got there, so I'll be looking into that as soon as I get
some time to play.
It's also important to keep in mind that the software we use is often
not the software that typical Internet users use. As a specific
example, I've often seen comments to the effect that MUAs don't
display what's in the Subject: line. If you use MS Outlook (which
I'm not saying is a good idea, but a whole lot of people do), it does
show the Sender: header, displaying something like "from <sender> on
behalf of <from>."
I didn't say it doesn't display the Sender:. I said it doesn't even
reliably display the From: header. Am I wrong in my understanding that
it only displays the display-name and not the actual address?
Does it also show the Resent-From: header? If not, the visibility
argument is still bogus, surely?