Dave Crocker wrote:
This is precisely what DKIM does. It is the domain administrator who
defines the DNS records used by DKIM and DKIM's granularity of the
validated identity is a domain name.
That is not correct. The local part of the i= is intended to
provide a binding to the local part of outside origination
headers, not just the domain part. Which is why it is,
in fact, a primary goal.
Since i= is optional, it seems difficult to argue that it demonstrates the
tie-in to other identity header fields as primary goal.
It's not optional; its absense is just defaulted. For
the verify operation, it is $i = "@$d". For the binding
operation it is $i = "$g(_at_)$d".
Mike
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim