The problem of rfc2822.From spoofing is involves some complex human
issues and we do not have much track record solving them.
I don't see what "complex human issues" are involved in the simple wish
as a domain owner to make known whether use of that domain in a sender
identity field requires a signature or not.
Relying on the SSP to solve phishing problems doesn't deal with
lookalike domains, for example.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
_______________________________________________
ietf-dkim mailing list
http://dkim.org