[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Scott
Kitterman
1) Providing a mechanism whereby an Internet domain name owner can
claim responsibility for an email message
2) Provide a mechanism to allow notification of an Internet domain
name owner's policy for claiming accountability
3) Provide an authentication platform on which TTP providers of
accreditation and/or reputation information can build products that
are tied to a domain name rather than an IP address.
Forgery then falls out of the goals section of the charter, it is
simply an attack that might be attempted.
In saying that, do you think that your #2 policy set includes
describing
an authorized set of relationships between use of their domain in
certain header fields (e.g. From:) and the signing domain?
Lets stick to the case where the sender describes what they do.
'Authorization' is a term of art. DKIM does not contain any data that
meets the established term of art.
Also, does DKIM provide an authentication platform or an
authorization
platform?
Authentication.
_______________________________________________
ietf-dkim mailing list
http://dkim.org