Trust annotation could highlight a message or place it into a special
folder, for example.
Not all sources within a domain are equally vetted.
Increased use of sub-domains may weaken DKIM as a trust mechanism;
which domain name should be trusted?
Well vetted sources can be indicated by the signer with some type of
notation or semaphore.
Signer trust semaphores should be coupled with the signature.
Not all sources will be uniquely identified by an email-address, and
not all recipients can reliably recognize an email-address.
Excluding poorly vetted sources from trust semaphores permits those
better vetted sources to retain a level of trust.
DKIM may already implement source based key selection to support the
key g= construct.
A label convention leverages key selection mechanisms and overcomes
problems related to binding a specific generic header to a signature.
This label convention could apply to either the right-most or left-
most label of the s= selector.
Example label conventions:

  _t-trn  Transactional*
  _t-adm  Administrative*
  _t-usr  Domain User
  _t-gst  Domain Guest
  _t-mdn  Mailer-Daemon
  _t-sys  System*

  * Trustworthy sources (by convention).

Establishing this convention from the outset allows better security
to be maintained.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
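
The label convention proposed in the message above, sketched as a receiver-side check. This is an added example, not code from the original post or from any DKIM implementation. The function names, the sample headers and the `verified` flag are assumptions; signature verification itself is assumed to happen elsewhere, and a trust label is honoured only when that check passed.

```python
import re

# Label table from the post; True marks the starred "trustworthy" entries.
TRUST_LABELS = {
    "_t-trn": ("Transactional", True),
    "_t-adm": ("Administrative", True),
    "_t-usr": ("Domain User", False),
    "_t-gst": ("Domain Guest", False),
    "_t-mdn": ("Mailer-Daemon", False),
    "_t-sys": ("System", True),
}

def parse_tags(header_value):
    """Split a DKIM-Signature value into a dict of tag=value pairs."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", header_value)  # undo header folding
    tags = {}
    for item in unfolded.split(";"):
        name, sep, value = item.partition("=")  # first "=" only; b= may hold more
        if sep:
            tags[name.strip()] = value.strip()
    return tags

def annotate(header_value, verified, position="left"):
    """Map the selector's trust label to a category.

    position: "left" or "right", since the post allows either end of s=.
    verified: result of the DKIM check, done elsewhere (assumption); an
    unverified signature never yields trusted=True.
    """
    tags = parse_tags(header_value)
    labels = tags.get("s", "").lower().split(".")
    label = labels[0] if position == "left" else labels[-1]
    category, starred = TRUST_LABELS.get(label, (None, False))
    return {"domain": tags.get("d"), "selector": tags.get("s"),
            "category": category, "trusted": bool(verified and starred)}

# Constructed sample headers (bh=/b= values are placeholders, not real data).
SAMPLE_TRN = ("v=1; a=rsa-sha256; d=example.com; s=_t-trn.mail1;\r\n"
              "\th=from:to:subject; bh=PLACEHOLDER=; b=PLACEHOLDER==")
SAMPLE_GST = "v=1; a=rsa-sha256; d=example.com; s=_t-gst.mail1; bh=X=; b=Y=="
SAMPLE_RIGHT = "v=1; a=rsa-sha256; d=example.com; s=mail1._t-adm; bh=X=; b=Y=="

if __name__ == "__main__":
    for hdr, pos in ((SAMPLE_TRN, "left"), (SAMPLE_GST, "left"), (SAMPLE_RIGHT, "right")):
        print(annotate(hdr, verified=True, position=pos))
```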