[Top] [All Lists]

Re: [ietf-dkim] Re: Role of Sender header as signing domain

2006-11-29 12:03:45
Damon wrote:

Damon Sauer

On 11/29/06, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:

On Nov 29, 2006, at 3:42 AM, Eliot Lear wrote:

> Charles Lindsey wrote:
>> I utterly fail to see why what is displayed to the user is of the
>> least relevance.
> Because it's very possible UAs will indicate whether a message is
> signed or not.  This is already done with various plugins.

The same plug-ins can also verify an associative policy regarding
other headers as well.  Being signed might be for entities found in
the 2822.From, the 2822.Sender, or for the 2821.MailFrom (to help
ensure DSNs).

First of all, we are now talking about that which is not there, a signed 2821.MailFrom, and we are discussing base, which this group is finished with. So, it seems to me that we have really veered from the topic of a sender header.

Annotation of a message being signed by itself is of
little value.  Being "signed" and "recognized" is what is important
when the desire is to curtail spoofing.

Sure. And when we get there life will be peaches and cream. But we need to transition to that point, and end users should be able to benefit from DKIM + the good work that people like Paul Hoffman are doing, so that SPs themselves don't become a bottleneck to deployment.

NOTE WELL: This list operates according to

<Prev in Thread] Current Thread [Next in Thread>