Douglas Otis wrote:
Excuse my ignorance, but why limit DKIM (or SSP) to information
that is delivered via SMTP? They can work with any transport that
uses RFCx822 for content and that uses DNS for name resolution.
Agreed. DKIM can be employed in conjunction with _many_ transport
protocols. While a domain may assert they sign "all" their SMTP
traffic, they may not be signing other types of traffic that could
potentially use DKIM signature headers. How would a domain
indicate what protocol they cover by their assertion? It seems
logical to restrict the _SSP policy to that of SMTP.
IBTD. The From: header field you see in this reply was originally
posted with NNTP at GMaNe, and GMaNe sent it to the "moderator" of
"the DKIM newsgroups", which is actually the DKIM list at mipassoc,
a somewhat convoluted case of news2mail (and back again, from my
POV).
Less convoluted, a "real" newsgroup can contain news2mail gateways
resulting in real SMTP traffic. Still with the original 2822 From
address(es). Those are only obvious examples - adding transport
protocol "scopes" cannot work when gateways transform "something"
(news, MMS, etc.) into ordinary mail with an SSP protected From.
Let's note the issue in the security considerations. The official
title of 2822 is "Internet *message* format", not only *mail*. An
2822-From is no "mail-From" or "news-From", it is for all messages.
Frank
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html