A DKIM verifier generates a single bit, "validly signed or not",
and an identifier in the "validly signed" case.
Well, actually, if you read 4871, it also produces an edited version
of the message. As I suggested in my message a few days ago, I don't
think that's what we intended, and we should fix 4871bis so it doesn't
say that any more.
And that makes DKIM overall a poor place to do anything other than
mention specific issues that directly affect the DKIM security model.
Agreed.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html