[ietf-dkim] Update of RFC4871 Appendix D. MUA Considerations (resent)


Original Text:
   The tendency is to have the MUA highlight the address associated  
with this signing identity in some way, in an attempt to show the user  
the address from which the mail was sent.
Corrected Text:
   The tendency is to have the MUA highlight the SDID, in an attempt  
to show the user the identity that is claiming responsibility for the  
message.


### Limiting annotations to just the SDID can result in the source of  
the message being ambiguous which will negatively impact security!

Suggested correction:

The intent is to have the MUA highlight the SDID, and AUID that match  
with email-addresses within signed header fields.  The annotation  
should help clarify for the user the SDID claiming responsibility for  
the message, as well as possibly specific intra-SDID sources.  AUIDs  
that match with signed email-addresses can disambiguate messages  
emanated by a mailing-list from those emanated directly by individual  
users, for example.

-Doug

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

[ietf-dkim] Update of RFC4871 Section 2.10 Agent or User Identifier (AUID) correction: (resent), Doug Otis

Next by Date:

Re: [ietf-dkim] ADSP Informative Note on parent domain signing, Jim Fenton

Previous by Thread:

[ietf-dkim] Update of RFC4871 Section 2.10 Agent or User Identifier (AUID) correction: (resent), Doug Otis

Next by Thread:

Re: [ietf-dkim] Update of RFC4871 Appendix D. MUA Considerations (resent), Barry Leiba

Indexes:

[Date] [Thread] [Top] [All Lists]