If you really think this is such a great big problem, maybe you should be
banging the drums at MAAWG or other venues where the correct set of ears
is potentially listening.
I would rather not have to run a session at MAAWG entitled "How to fix the
security holes in DKIM", but I certainly could.
Am I really the only person who wants to be able to whitelist mail signed
with known good signatures, drop it into user inboxes and expect
reasonable results with existing MUAs?
This is basically the same model as X509, except that X509 builds the
credibity test into the protocol via CAs, rather than externally via
something like VBR.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html