The stability part I agree with. For the second area of interest, are
you saying the verifier would only find it interesting if i= was the
same as the user's (for some definition of 'user') email address?
There's a school of thought that verifiers could do something extra if
they knew that the i= was supposed to be an actual e-mail address.
(Send the complaints there, I guess.)
As it stands, you can't tell whether i= is supposed to be an address,
a stable identifier, a serial number, or whatever. So I suggested we
could define some new flag values to put into the t= in the keys so
that signers could declare their intentions, with the two suggested
flags being "it's stable" and "it's an address".
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html