Hi Arvel,
Arvel Hathcock wrote:
I'll take a crack at this one.
> I suggest that we need to explain the basis for that assumption and
> that the explanation needs to provide the empirical basis for
> believing that it is the right choice.
The "From:" header value is the identity the naive user assumes to be
the originator due to the vast majority of mail clients which have
trained them to assume so. Thus it has a property, for better or worse,
which no other header has. Therefore, from a domain owners point of
view (who is interested in protecting the integrity of his domain in the
minds of naive users as far as possible), "From:" header value seems a
wise selection.
But the SSP client is not the naive user - its a DKIM-verifier. Does
that change the argument? E.g. in terms of requiring consideration of
other "identities" or "domains" found in the message? (Just asking.)
S.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html