What is the value proposition that DKIM offers that incentivizes people
to adopt it?
I'll take a crack at that: DKIM offers the MUA enough data to know what
parts of a message to be rendered can be considered "valid" inasmuch as
someone (the signer) took responsibility for it.
I have to disagree. DKIM offers the ability for a domain to take
responsibility for a message. A signing domain with any sense will sign
messages in a way that ensures that they don't get smashed between the
time they're signed and the time they're rendered, so the whole thing is
"valid".
While it's certainly possible to create signatures that don't include the
To:, Date: or Subject: lines and have l=0, I doubt that a signer who did
that would earn a reputation good enough for anyone to care whether they
signed a message or not.
Also, although I certainly do not purport to be a whiz at UI design, it's
hard to think of a more pessimal UI design than one that tries to tell
Grandma what parts of a message to believe with changing colors or fonts
in various parts of the message window. She can barely grasp the
difference between a green bar SSL page and one with no SSL. I don't want
to mess with the MUA at all, but rather use DKIM to help decide what
messages to show her and which messages to consign to the junk folder.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html