Right, but emphasize that the granularity is a signing domain -- it is
not and cannot be a way to attribute mail to individual people.
Unless you have reason to believe that the signer is taking steps to ensure
that the sender information is accurate.
A reputation system could make an assertion like that, but it's definitely
outside the scope of DKIM.
For about the billionth time, why aren't the people who are worried about
the identity of individual senders using S/MIME? I have trouble
envisioning a problem so serious that we need to invent complex extra
mechanisms and try to force people to use them, yet so trivial that we
can't be bothered to use the existing tools built into every MUA.
R's,
John
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html