I found this from RFC 5016:
o First Party Address: for DKIM, a first party address is defined to
be the [RFC2822].From address in the message header; a first party
address is also known as an Author address.
o First Party Signature: a first party signature is a valid
signature where the signing identity (the d= tag or the more
specific identity i= tag) matches the first party address.
"Matches" in this context is defined in [RFC4871].
o Third Party Signature: a third party signature is a valid
signature that does not qualify as a first party signature. Note
that a DKIM third party signature is not required to correspond to
a header field address such as the contents of Sender or List-Id,
etc.
I thought the ADSP draft had such a definition, but it doesn't seem
to. This draft talks about i=, which if I recall correctly, can be
include sub-domains of d=. Since i= is no longer seen as an identity,
then I believe we need a more formal definition of a third-party
signature.
If "or the more specific identity i= tag" was removed from the above
definition, would everyone agree that is the proper definition of a
third-party signature? That would mean:
From: foo(_at_)example(_dot_)com
DKIM-Signature: ... d=i.example.com
would be considered a third-party signature.
--
Jeff Macdonald
Ayer, MA
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html