Barry Leiba wrote:
> > My proposed text attempts to inject the idea that at least one
> > identity is an author authorized signer distinct from what is already
> > stated as an independent trusted identity.
>
> But I don't think the actual "author" (in the case of this message,
> me, the guy who's writing it) is involved in any way in the signing.
> I certainly am not authorizing anyone to sign this message, and likely
> don't know whether it will be signed or not. The DKIM model says
> that's done at the domain level, independent of the author's wishes or
> actions.
>
> It's possible to have use cases where the author does decide, somehow,
> whether or not the message will be signed but I'm not aware that
> anyone's doing that, or has plans to do that.

We have plans to offer it as part of our DKIM commerce package for our
private/public hosting customers. It would be quite presumptuous to
sell a DKIM package that only signs at the domain level.
In any case, there are many DKIM deployment ideas. So I would always
lean towards making it possible (keep it open-ended) while we can
during specs design if it makes sense, not redundant and doesn't
conflict with anything else.
In my last post, I was using "author" to mean the author domain or the
"originating controlling" identity that decides who will be the
authorized (by mere selection perhaps) identity to sign. It did cross
my mind though if the current text meant:
Author --> user?
Author's Organization --> user domain?
So maybe I should have used "Author's organization Authorized Signer" :)
--
HLS