ietf-dkim
[Top] [All Lists]

[ietf-dkim] 2822.From or 2822.Sender and 2822.From was:Requirements comment: Bigbank example description

2006-08-09 12:22:56
On Wednesday 09 August 2006 14:34, Tony Hansen wrote:

-1

I want companies such as eCard senders or News Agencies to be able to 1)
send a message on my behalf while 2) marking themselves as the sender
and 3) being able to sign the message. This minimally requires support
for RFC2822.Sender as well as RFC2822.From.

I *would* support changing it to

    1.  Mail with a RFC2822.From or RFC2822.Sender A is sent to B with a
      missing or broken DKIM signature

This has nothing to do with PRA and its support for Resent-From and/or
Resent-Sender.

Agree it has nothing to do with PRA, that's why I say don't use the word 
purported.

Since many popular MUAs do not display Sender, including Sender defeats nearly 
the entire purpose of the Bigbank example.  I think what you would want then 
is the DKIM signing complete practice.

I think we went around several times on From or From/Sender and there was (in 
my opinion, which I know counts for exactly nothing) a reasonable rough 
consensus that From was what we should focus on.

Keep in mind that the Big Bank example is explicitly about phishing targets 
that are willing to accept breakage of some legitimate e-mail functionality.  
That doesn't sound like your case.

Scott K
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html