ietf-dkim

Re: [ietf-dkim] Data integrity claims

2010-10-15 19:16:11
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Scott 
Kitterman
Sent: Friday, October 15, 2010 5:09 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Data integrity claims

I thought the "What DKIM does" thing was a long-dead horse, as we'd long
ago reached consensus that what DKIM does is provide a stable identifier
on the message, and nothing more.  That makes this assertion inapposite.

Does it?  If the identifier is bound to the hashed information, I think it
makes complete sense to believe one can make something of that content and
its relation to the identifier.  It provides a stable identifier, but that
identifier is inextricably tied to the signed content.

There might be a better way to characterize it, but I think the answer comes 
from the errata RFC upon which we reached consensus a while back: The primary 
payload delivered by a DKIM validation is the validated domain name.  
Reputation, for example, would be checked against that, and not against the 
body hash or some other part of the message.

The claim that it "binds elements related to the RFC5322 header fields with the 
message body" is the means of the algorithm, not the end.

