MH Michael Hammer (5304) wrote:
Bill and anybody else who is responsible for outbound mail knows that
they are going to get dinged - signed or not - if they don't address
issues caused by mail coming from their system.
That's why DKIM was made flexible enough to let a variety of different domain
names be used for signing. In this case by the Operator.
Except possibly in tightly integrated scenarios, there is no need to tie the
signature to the From: field, when the signature is not being performed by the
author. The operators reputation will suffice.
Keep in mind that all of this mechanism is for filtering engines, not end user
display.
If Bill is willing to sign and wants a stronger statement made by SSP
that the domain uses his DKIM signature, where is the technical
objection?
My own reading of Bill's reqest is that it adds significant complexity to the
specification and therefore to the implementation and therefore to the
interoperability challenge. Perhaps I've misunderstood his request, but as
noted, it appears to be something that really was discussed at length by the
working group and rejected because DNS delegation covers the requirement,
without adding complexity to SSP.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html