On Thu, 12 Feb 2009, Douglas Otis wrote:
The WG should also discuss the merits of making a statement warning
against a domain overlapping their valid namespace with fictitious or
token i= values. While such overlap should be discouraged to avoid
confusing recipients as to what the i= values means, this has received
little discussion other than to say the i= value represents a totally
separate namespace. Since this statement is _not_ always true, some
effort should be made by the domain to ensure that there is no apparent
overlap within the same message. Several techniques can ensure the
isolation of different i= value uses.
I think that's flipped logic from what the working group should say (and
is saying via both of the proposed errata on this topic).
IMHO, it is sufficient to indicate that the local-part of "i=" is opaque.
Absent any secure indication from the signer that such a value is stable
and/or maps to an address, the verifier is thus admonished against jumping
to that conclusion, even if they do appear to be the same.
It's becoming clear, though, that such an indication mechanism would
probably be beneficial.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html