ietf-dkim

Re: [ietf-dkim] Use of "sender" in -base

2006-06-22 10:08:00


--On June 21, 2006 11:05:55 PM -0400 Tony Hansen <tony(_at_)att(_dot_)com> wrote:

> I have an issue with one item, below.
>
> Eric Allman wrote:
>> B.6 Third-party Message Transmission
>> ...
>> Rewritten to:
>>
>>        One way this can be handled is to continue to put the
>>        reader's email address in the From header field of the
>>        message, but put an address owned by the site into the
>>        Sender header field, and sign the message on behalf of that
>>        address. A verifying MTA should accept this and rewrite the
>>        From header field to indicate the address that was
>>        verified, i.e., From: John Doe via news(_at_)news-site(_dot_)com
>>        <jdoe(_at_)example(_dot_)com>.
>
> Two points here:
>
>    * Such rewriting MUST be done *after* the verification pass has
>      been performed. (Obviously it can't be done before, unless the
>      From: header is not in the h= field list.)
>
>    * Once such rewriting is done, this message will never re-verify
>      again. This would *prevent* a subsequent entity, such as the MUA,
>      from doing its own verification. It would be nice if there were
>      some way of preserving the original From: contents if
>      reverification is necessary so that any such rewriting can be
>      reversed for the reverification.

Reasonable points. I've changed "should" to "could", and added "(However, such rewriting must be done after the verification pass is complete, and will break any later attempts to re-verify.)"

Does this work for you?

eric
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
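
Added example, not part of the original message or of the DKIM draft: a Python sketch of why rewriting From after verification breaks re-verification when From is listed in h=, and how a saved copy of the original field lets a later verifier reverse the rewrite. The `X-Original-From` header name, the sample message and the h= list are constructed for illustration; a plain SHA-256 comparison stands in for the signature check, and the body hash and the DKIM-Signature field itself are left out.

```python
import hashlib
import re

def relaxed(name, value):
    """DKIM 'relaxed' header canonicalization for one field."""
    value = re.sub(r"\s+", " ", value).strip()  # unfold, collapse whitespace
    return f"{name.lower()}:{value}\r\n"

def header_hash(headers, h_list):
    """SHA-256 over the fields named in h=, standing in for the signed data."""
    remaining, digest = list(headers), hashlib.sha256()
    for wanted in h_list:
        # for each name in h=, take the lowest not-yet-used instance
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == wanted.lower():
                digest.update(relaxed(*remaining.pop(i)).encode())
                break
    return digest.hexdigest()

def rewrite_from(headers, verified_addr):
    """The post-verification rewrite from the thread; assumes 'Name <addr>'."""
    out = []
    for name, value in headers:
        if name.lower() == "from":
            display, _, addr = value.rpartition("<")
            out.append(("X-Original-From", value))  # hypothetical header name
            value = f"{display.strip()} via {verified_addr} <{addr}"
        out.append((name, value))
    return out

def undo_rewrite(headers):
    """Restore the saved From so the signed header set is intact again."""
    saved = {n.lower(): v for n, v in headers}.get("x-original-from")
    return [(n, saved if n.lower() == "from" and saved else v)
            for n, v in headers if n.lower() != "x-original-from"]

# Constructed sample message and h= list
H_LIST = ["from", "sender", "subject"]
MESSAGE = [("From", "John Doe <jdoe@example.com>"),
           ("Sender", "news@news-site.com"),
           ("Subject", "An article you might like")]
SIGNED_HASH = header_hash(MESSAGE, H_LIST)  # value fixed at signing time

def verifies(headers, h_list=H_LIST, expected=SIGNED_HASH):
    return header_hash(headers, h_list) == expected

if __name__ == "__main__":
    rewritten = rewrite_from(MESSAGE, "news@news-site.com")
    print(verifies(MESSAGE), verifies(rewritten), verifies(undo_rewrite(rewritten)))
```

With From removed from the h= list, the rewritten and original messages hash identically, which is the exception noted in the first point above.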
