4) the ability to ride "stealthfully" within the existing
infrastructure without need to upgrade either MTA's or MUA's
I think the point here is that if your MTA or MUA doesn't handle DKIM,
you won't see anything out of the ordinary. Compare that to the
mystery meat message parts you get with an S/MIME message in a MUA
that doesn't handle S/MIME.
There are a lot of situations where an MTA forwards a message
"transparently", without significant munging other than adding a
Received: header, and DKIM signatures are designed to survive that,
which is a useful case for a wide set of courtesy forwards of the
pobox.com and ieee.org variety. This is NOT saying that it's bullet
proof in the face of mutilation by Exchange and the like, but at least
the basic forwarding scenario that caused so much excitement for SPF
or Sender-ID in MARID isn't a problem here.
You are of course correct that to take advantage of DKIM, MTAs and MDAs
and perhaps MUAs need upgrading.
R's,
John
_______________________________________________
ietf-dkim mailing list
http://dkim.org