ietf-dkim

[ietf-dkim] draft-ietf-dkim-threats-00 Misstatement of the DKIM mechanism

2006-01-24 14:53:44
---[A: Misstatement of the DKIM mechanism.]
,---
| 1.  Introduction
|
| DomainKeys Identified Mail (DKIM) [I-D.allman-dkim-base] defines a
| mechanism by which email messages can be cryptographically signed,
| permitting a signing domain to claim responsibility for the use of a
| given email address.
'---

A verified signature does not indicate that the signing domain is claiming responsibility for some email-address found within the message. It is not a reasonable practice for a general access provider to inject a Sender header just to meet this expectation. This has already caused problems and should be avoided.

This should read:

: DomainKeys Identified Mail (DKIM) [I-D.allman-dkim-base] defines a
: mechanism by which email messages can be cryptographically signed,
: permitting a signing domain to be held accountable for the message.
: When an email-address contained within the message is also within
: the signing domain, and noted within the 'i' parameter, the signing
: domain may also be held accountable for verifying the use of the
: email-address conforms to their policies.

-Doug


_______________________________________________
ietf-dkim mailing list
http://dkim.org
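
The distinction drawn in the message above, as an added Python example that is not part of the original post or of the DKIM drafts: a verified signature always yields an accountable signing domain, but an address is tied to the signer only when it equals an explicit `i=` value inside `d=`. It assumes the signature was already verified cryptographically, takes the published DKIM tag semantics (`i=` defaults to `@` plus `d=` and must lie within `d=`), skips quoted-printable decoding of `i=`, and uses constructed sample messages and hypothetical function names.

```python
import re
from email import message_from_string
from email.utils import getaddresses

def parse_tags(value):
    """Split a DKIM-Signature tag list (tag=value; ...) into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def in_domain(domain, parent):
    """True if domain equals parent or is a subdomain of it."""
    domain, parent = domain.lower().rstrip("."), parent.lower().rstrip(".")
    return domain == parent or domain.endswith("." + parent)

def accountability(raw_message):
    """Return (signing_domain, [(header, address)] named by the signer).

    Assumption: the signature has ALREADY passed cryptographic verification.
    """
    msg = message_from_string(raw_message)
    tags = parse_tags(msg["DKIM-Signature"])
    d = tags["d"]
    local, _, idom = tags.get("i", "@" + d).rpartition("@")
    if not in_domain(idom, d):
        raise ValueError("i= lies outside the signing domain d=")
    named = []
    if local:  # a bare "@domain" identity names no particular mailbox
        for hdr in ("From", "Sender"):
            for _, addr in getaddresses(msg.get_all(hdr, [])):
                a_local, _, a_dom = addr.rpartition("@")
                if a_local == local and a_dom.lower() == idom.lower():
                    named.append((hdr, addr))
    return d, named

# Constructed sample: an access provider signs a customer's mail, no i= tag.
MSG_PROVIDER = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=provider.example; s=sel;\n"
    " h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Alice <alice@customer.example>\nSubject: hi\n\nbody\n")
# Constructed sample: the domain signs for one of its own addresses via i=.
MSG_OWN = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
    " i=bob@example.com; h=from:subject; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Bob <bob@example.com>\nSubject: hi\n\nbody\n")
```

For `MSG_PROVIDER` the result carries the signing domain and an empty address list, so the provider has no reason to inject a Sender header to make the signature meaningful.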