ietf-dkim

Re: [ietf-dkim] RFC4871bis - whether to drop -- k: Key type

2009-06-08 06:17:36
Another way to look at it is that k= is useless, but it's not harmful,
so it'd be more productive to argue about the warts that are both
useless and harmful.

I don't know that it's completely useless, but I'll defer to Jon on this point:

Is the actual cost of parsing "k=rsa" from the key and "a=rsa-blah" from the 
signature substantially less than trying to feed a non-RSA-key blob into an RSA 
function only to have it error out?

If detecting that the key and the signature are incompatible before actually 
trying to use the crypto functions involved actually saves substantial compute 
cycles then I'd say it's not useless.  Otherwise I believe it's redundant and 
can be removed.

I thought for a while that this had the same purported attack vector as has 
been claimed for "h=", but now I'm convinced otherwise.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
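
The pre-check the message asks about, comparing the key record's k= with the key-type half of the signature's a= before any crypto call, as an added example that is not part of the original message or of any DKIM implementation. The records, the `k=example` value and the function names are constructed for illustration; it shows the comparison only and does not measure its cost.

```python
import re

def parse_tag_list(text):
    """Parse a DKIM tag=value list (RFC 4871, section 3.2) into a dict."""
    tags = {}
    for item in text.split(";"):
        if not item.strip():
            continue  # a trailing ";" is permitted
        name, sep, value = item.partition("=")
        name = name.strip()
        if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9_]*", name):
            raise ValueError(f"malformed tag: {item!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        # Simplification: drop all whitespace in the value (folding in p=, b=).
        tags[name] = re.sub(r"\s+", "", value)
    return tags

def key_matches_signature(key_record, signature):
    """True when the key's k= agrees with the key type named in a=."""
    key = parse_tag_list(key_record)
    sig = parse_tag_list(signature)
    if "a" not in sig:
        raise ValueError("signature has no a= tag")
    key_type = key.get("k", "rsa")             # k= is optional, default "rsa"
    sig_key_type = sig["a"].partition("-")[0]  # "rsa-sha256" -> "rsa"
    return key_type == sig_key_type

# Constructed sample data, not taken from any real domain.
SIGNATURE = ("v=1; a=rsa-sha256; d=example.com; s=sel1; h=from:to:subject;\r\n"
             "\tbh=Y29uc3RydWN0ZWQ=; b=c2lnbmF0dXJl")
KEY_RSA = "v=DKIM1; k=rsa; p=cGxhY2Vob2xkZXI="
KEY_DEFAULT = "v=DKIM1; p=cGxhY2Vob2xkZXI="           # no k=, so "rsa" applies
KEY_OTHER = "v=DKIM1; k=example; p=cGxhY2Vob2xkZXI="  # "example" is a made-up type

if __name__ == "__main__":
    for label, record in (("k=rsa", KEY_RSA), ("no k=", KEY_DEFAULT),
                          ("k=example", KEY_OTHER)):
        ok = key_matches_signature(record, SIGNATURE)
        print(f"{label:10} -> {'proceed to verify' if ok else 'reject before crypto'}")
```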