On Wednesday 05 December 2007 13:36, Douglas Otis wrote:
> A domain wishing to protect their transactional mail may decide to
> publish "strict" to limit the acceptance of "non-compliant" messages.
> Compliance now requires the i= to not include a localpart, or for the
> localpart to match with the From header.
>
> This unnecessary requirement may produce "false positive" detections
> of bad acts when the signing domain uses i= as intended in the base draft,
> which is to indicate on whose behalf the message was signed.
>
> Options to mitigate "false positives" would be to:
> 1- Exclude the i= parameter
> 2- Add another signature specifically signing the From as well

Since the signer is controlled by the same entity, option 3 would be don't
send messages where i= doesn't match what's in From.
Scott K
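
The i= condition discussed in this message, as an added example that is not part of the original post or of any DKIM implementation: a signer-side pre-send check that classifies each DKIM-Signature by whether its i= has no localpart, has a localpart equal to the From localpart, or mismatches. The function names and the sample message are constructed for illustration; signatures are not verified, domain alignment is not checked, and i= is assumed not to be quoted-printable encoded.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def parse_tags(sig_value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in sig_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            # Folding whitespace inside a value is not significant here.
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def identity_check(raw_message):
    """Return [(i_value, verdict)] for every DKIM-Signature header.

    verdict is 'no-localpart', 'match' or 'mismatch', following the
    condition as described in the quoted text above.
    """
    msg = message_from_string(raw_message)
    from_local = parseaddr(msg.get("From", ""))[1].rpartition("@")[0]
    results = []
    for sig in msg.get_all("DKIM-Signature", []):
        tags = parse_tags(sig)
        # When i= is absent it defaults to "@" followed by the d= value.
        ident = tags.get("i", "@" + tags.get("d", ""))
        local = ident.rpartition("@")[0]
        if not local:
            verdict = "no-localpart"
        elif local == from_local:
            verdict = "match"
        else:
            verdict = "mismatch"
        results.append((ident, verdict))
    return results

def safe_to_send(raw_message):
    """True when no signature carries an i= localpart that differs from From."""
    return all(v != "mismatch" for _, v in identity_check(raw_message))

# Constructed sample: hash and signature values are placeholders.
SAMPLE = (
    "From: Alice <alice@example.com>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1;\n"
    " i=list-bounces@example.com; h=from:to; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel2;\n"
    " i=@example.com; h=from:to; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "\nbody\n"
)
```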