What you are calling for would be good to have. It should be done.
Just not in the signing spec.
Correct me if I'm wrong, but I hear you saying that if one creates or
verifies the DKIM signature on a message, one should also do the double
header check somewhere in the mail processing path, but rather than saying
so in the spec, it'll just be our private bit of folklore.
R's,
John
PS: I'm fine with Jim's proposed section 6.1.1.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html