3.1.4. Distinguish the core authentication mechanism from its
derivative uses
|An authenticated identity can be subject to a variety of processing
|policies, either ad hoc or standardized. The only semantics inherent
|to a DKIM signature is that the signer is asserting (some)
|responsibility for the message. All other mechanisms and meanings
|are built on this core service. One such mechanism might assert a
|relationship between the signing identity and the author, as
|specified in the From: header field's domain identity [RFC2822].
|Another might specify how to treat an unsigned message with that
|From: field domain.
This clarification of the scope of authentication should be amended to
include:
"The identity associated with the signature may also relate to someone
acting on behalf of the author, such as noted within the Sender
header. A signature-associated identity may not be found anywhere
within the message as well, but could assist recipients in
establishing a defensive posture against abuse related to what might
be an opaque identity."
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
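
An added example, not part of the original message or of the draft it quotes: it keeps the core fact (which domain signed) separate from a derived judgement (how that domain relates to the From: or Sender: header fields). The sample message, its domains, and the label names are constructed for illustration, the comparison is a simplifying exact match, and the signature itself is not cryptographically verified here.

```python
import email
from email.utils import parseaddr

# Constructed sample message; every domain and tag value is a placeholder.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=lists.example.net; s=sel1;
 h=from:sender:subject; bh=PLACEHOLDER; b=PLACEHOLDER
From: Alice <alice@author.example.org>
Sender: list-bounces@lists.example.net
Subject: test

body
"""

def addr_domain(header_value):
    """Lowercased domain of the first address in a header value, or None."""
    addr = parseaddr(header_value or "")[1]
    _local, at, domain = addr.rpartition("@")
    return domain.lower() if at and domain else None

def signing_domain(sig_value):
    """Value of the d= tag in a DKIM-Signature header value, or None."""
    tags = {}
    for part in sig_value.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            # Tag names are case-sensitive; folding whitespace is dropped.
            tags[name.strip()] = "".join(value.split())
    return tags.get("d", "").lower() or None

def classify(raw):
    """Return (signing domain, relationship label) for each signature.

    The labels are derivative uses layered on the core assertion; the
    exact-match rule is an assumption made for this example.
    """
    msg = email.message_from_string(raw)
    author = addr_domain(msg.get("From"))
    sender = addr_domain(msg.get("Sender"))
    results = []
    for sig in msg.get_all("DKIM-Signature", []):
        d = signing_domain(str(sig))
        if d is None:
            label = "malformed"
        elif d == author:
            label = "author-domain"
        elif d == sender:
            label = "sender-domain"
        else:
            label = "not-in-message"
        results.append((d, label))
    return results
```
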