Steve Atkins wrote:
On Oct 1, 2010, at 8:11 AM, Jeff Macdonald wrote:
On Fri, Oct 1, 2010 at 2:48 AM, Murray S. Kucherawy
<msk(_at_)cloudmark(_dot_)com> wrote:
The results in Section 4.1.2 mention "Author vs. Third-Party". That
is more about ADSP than DKIM.
True. It should probably come out.
It could mean that or that most implementations default to d= From:
domain. I strongly believe that is a holdover of implementations being
based on DomainKeys code which had that constraint.
+1
Also, I've talked to several people who want to use DKIM with varying d=
for the same 822.From, but can't because the signers they're using
can only sign with a single domain for any given 822.From domain,
or can only sign with the domain in the 822.From.
I don't know how widespread this misbehaviour is in DKIM signers,
but it's there.
It's not necessarily misbehaviour. Signers need to be careful about what they
sign.
All that says is that the access control to the signer is relatively simple
minded,
which is more of a marketing requirement than bad code. It's probably saying
that
most implementation's requirements don't care about that kind of flexibility.
And
speaking from experience, the code complexity to support it, while not enormous,
is certainly not zero.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html