On Apr 2, 2006, at 8:44 AM, Barry Leiba wrote:
I think it depends on your "Verifier" the guys who have to make
the decision
with all the junk coming into the system how it will view it.
...
Are we suppose to turn a blind eye to the quality of the message
and just
look at who is responsible? If so, then who cares what the
message quality
is as long as it comes from a "good person."
We have to be clear about what DKIM is and isn't.
DKIM is something that lets a sender say "my domain sent this
message".
Not even that, as I understand it. In some cases the domain that's
signing the
message will have nothing at all to do with putting it on the wire,
and in some
cases nothing to do with the details of composing the message. (Back
to Daves
distaste for the word "sender").
"Someone who has access to a private key associated with this domain
(probably
someone authorized by someone associated with the DNS setup for this
domain)
has signed the content of this message, and the message hasn't
changed significantly
since they did that." is a bit closer.
That doesn't make for much of an elevator pitch, though, so perhaps
'A DKIM signature
from paypal.com says "I am paypal.com, and I authorize this message!"'.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html