If I understand your goals correctly, you see DKIM mainly defining the
domain owner the accountable entity for messages sent from that domain
versus the author/sender of the message.
This is precisely what DKIM does. It is the domain administrator who defines
the DNS records used by DKIM and DKIM's granularity of the validated identity
is
a domain name.
This implies that the domain owner
has some effective "policing" mechanism of the messages that come from that
Yes.
The author/sender has no direct accountability, or verifiability, of their
messages, with the exception of whatever domain-defined accountability
mechanism may be in place. I.e. The author/sender is only accountable to
the owner of the domain it sends message from.
Yes.
If any messages from a domain are abusive in nature (e.g. phishing), it is
the responsibility of the respective domain owner to address the offending
authors/senders, assuming that not doing so could get the domain's
reputation tarnished.
Yes.
Since end user recipients do not need DKIM-aware MUAs, determining which
domains are "abusive" are the responsibility of receiving domain owners.
Yes.
Am I accurate in my summation?
With respect to my own understanding of the mechanism DKIM provides, your
summary is quite excellent, in wording, precision and accuracy.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim