ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] DKIM does not identify senders, and we have big semantic problems

2009-01-28 15:14:26
It does seem, on the surface, functionally equivalent to some
statements that "i=" can be used to establish that its grandma sending
out email

Then we desperately need to rewrite whatever part of 4871 leads anyone to 
that erroneous conclusion.  Anything that suggests in any way that i= has 
any connection to grandma's address needs to be stamped out, and stamped 
out now.

If you want a signature that identifies the individual user, there's
S/MIME and PGP.

Instead of i=?

Gee, how many ways are there to say that i= doesn't identify the user?
The i= field doesn't do that.  DKIM doesn't identify individuals, only 
domains.

In situations described where "author of the message"
= "user" = "grandma"?

We have two IETF standard signing schemes to identify individual mail 
authors, S/MIME and PGP.  Take your pick.  But please note that that list 
does not include DKIM.

Really, we understand that there are situations where it would be nice to 
know the exact identity of the individual person pushing the Send button. 
But DKIM doesn't do that.

R's,
John
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>