Hallam-Baker, Phillip wrote:
'Authorization' is a term of art. DKIM does not contain any data that
meets the established term of art.
Also, does DKIM provide an authentication platform or an
authorization
platform?
Authentication.
OK. Well that answer threw me a bit at first, but I think I understand....
It was a poor question.
I gather you are saying that DKIM-base can give you an authentic
identity that signed the message, but that DKIM-base tells you nothing
about whether that identity is authorized to be sending the message.
I know that authentic and authorize are specific terms of art and I'm
trying to understand where DKIM stands in relation to them.
DKIM-SSP attempts to at least partially fill that gap. Is that right?
Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org