Frank,
SSP does NOT tell applications what to display or how to display
information, but rather makes basic observations and conclusions
about behavior of users and spammers that we see today. That is:
users look at From lines and spammers and phishers try to fake
them. Anyone DISAGREE with that assertion?
Yes. With any decent MUA offering a choice of displayed header
fields I very often pick "all" or anything else resulting in "more
than the default".
I now get what people are saying, thanks to you and John Levine in
particular. I still believe that the From address requires protection
in SSP. UIs can at least take a stab at protecting the user by matching
display strings to what is in their address book. They can also warn
people about SSP or DKIM "protected" domains that have not previously
been seen to prevent the spammers' favorite trick of being the first to
use technology ;-) That's not something we can or should standardize
here today, but let's also not throw the baby out with the bath water.
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html