Patrick Peterson wrote:
2. Does RFC 4871 contain any claims that a DKIM
signature carries a
claim by the signer that any of the body or header content is
"correct" or
"truthful"?
I ask because I believe it does not carry any such
claim and that,
rather, a DKIM signature asserts a very generic degree of signer
"responsibility" which does not extend to formal claims of
correctness.
I agree. RFC 4871 does not contain claims that a DKIM signature implies
content is "truthful".
Your intent is unclear from your question: if we are both right, is this
a good thing? Or do we need to modify RFC 4871?
Discussion about raw DKIM signing sometimes seems to have the underlying view
that the From field is validated as being accurate. At the least, this seems
to vary among different folk. I wanted to see whether there is a clear view
one way or the other.
I'm not suggesting "fixing" DKIM. I'm seeking clarity among the community.
(It's a California thing.)
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html