On 18/Oct/10 20:50, Dave CROCKER wrote:
There is a premise that is motivating the proponents of giving instructions to
MUA designers about DKIM outcomes. The premise is that providing DKIM
information will be useful, and possibly that providing /more/ DKIM
information
will be more useful. (There is also some unfortunate vagueness about the
actual
meaning of some of this information.)
Providing DKIM information /will/ be useful. Only the second part is
probably wrong, because a signature cannot do more than validate.
As a small example of how peculiar the current line of advocacy is, I'll
suggest
a simple example:
Alice sends Bob a message.
Alice diligently signs all the right header fields and all of the body.
I think Dave gave a deceptive description on purpose, to check whether
we still confuse DKIM and S/MIME. If we're talking DKIM, the subtle
difference between author and author domain characterizes the signing.
Bob's MUA is sophisticated and up to date, so it displays the message
with
this extra information about the "validity" of the message.
What is the actual value of this marking, given that Alice is really a
spammer?
IMHO the goal is distinguishing between two categories of spam,
tractable and intractable. More precisely, two categories of
/messages/ --DKIM knows nothing about spam. Bob knows that in case he
complains he will probably be listened with the diligence that Alice's
domain is reputed for: That's the actual value of the marking.
Please reply to [domainrep].
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html