On Mar 9, 2009, at 1:20 PM, Jim Fenton wrote:
Given the range of non-ADSP applications for the i= value that have
been described, verifiers would be well advised not to use the i=
value as a key to a reputation database.
As long as the i= relates to the on-behalf-of value in some manner as
required by RFC 4871, there should not be a problem using this to
reference reputation. Only when the i= value does not correlate well
with abuse, will i= value use be a problem. Such problems will be
experienced by signers that fail to reasonably constrain the i= value
when reputation services mark all i= values as being the same.
So while a signer's use of ADSP might constrain a verifier that
wants to key reputation on that value, it's not a good idea anyway.
The Author-Signature should not constrain the use of the i= value. It
is important for the i= value represent in some undefined manner, the
on-behalf-of entity. This entity is not always going to be
represented in the From header field.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html