Michael Thomas wrote:
we need to have clarity in SSP on what, exactly, qualifies as a valid
signature for "I sign everything". This guidance is not in dkim-base
(purposefully), but I believe that we had intended i= to provide that
clarity. In any case, we do need to provide the exact semantics in SSP
of how a receiver determines whether a DKIM signature satisfies the SSP
criteria or not.
+1
We could explain that i= matching the domain part of the "PRA" indicates
a first party DKIM signature, even if 2822-From != "PRA". Where "PRA" is
of course only a new name for something already specified in RFC 2822, or
even in STD 11, if there's only one Resent-* block. It's no proprietary
algorithm. RFC 4407 is just a summary of facts extracted from RFC 2822.
Frank
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html