Frank Ellermann wrote:
> If I can't use "my" user@isp.example (or similar vanity host
> alias@user.isp.example constructs) wherever it pleases me
> in a mail header, then it's no longer good enough, and I'd
> find a better ISP. The mail header is user territory. The
> limit for this "hostage" issue is the MAIL FROM from my POV.
> (And for the "errors-to" fraction that's already insane)

It is worth noting that this scenario relies on ISPs that either do
not do DKIM signing or utilize relaxed policies. So, you either have
the case where DKIM will not be the norm for all email or relaxed
policies become the norm, reducing the effectiveness of DKIM.
The key question is, "Who 'owns' the mailbox address and the allowable
uses of it?". DKIM may cause a power shift from mailbox users to
domain owners by giving the ability for domain owners to assert tight
controls on mailbox addresses under their domains, something not
easily done currently. This gives the ability of domains to alter
the usability of email and deny operations that are currently allowed.
For some businesses (like the mybank example that has been raised),
such restrictions are desirable, and probably justifiable. But if
ISPs and other email service providers adopt EXCLUSIVE policies...
--ewh