On Thu, 23 Nov 2006 14:05:36 -0000, Stephen Farrell
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:
I don't understand why we, now, need to care about other
uses of the 2822-From address? (And if we did, then why news and
not, say kerberos, where the same string may occur.)
Because news and email regularly get gatewayed into each other.
Suppose foo.example announces that it "signs everything" (presumably we
intend that to mean all emails). So if joe(_at_)foo(_dot_)example sends an unsigned
email, it is sure to be treated with "suspicion".
But what if joe(_at_)foo(_dot_)example posts an article to some newsgroup? DKIM in
Usenet might be found to be a good idea someday, but it is not likely to
be in our drafts and is not in our charter. So, although they would do no
harm, we are not expecting such signatures on Usenet. But things leak, and
his article might turn up as an email (probably on some mailing list). We
don't want the mailing list admin to reject is as being unsigned. Maybe
the gateway should have signed it (quite a good edea that, and then the
SSP and reputation of the gateway would come into play). But is that
sufficient to cover for the lack of a signature by foo.example?
And maybe (USEFOR hat on here) gateways from news to email ought to be
adding suitable Resent-* headers.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html