ietf-dkim

Re: [ietf-dkim] draft-ietf-dkim-rfc4871bis-07 // Attacks Involving Additional Header Fields

2011-04-27 13:25:46
On Tue, 26 Apr 2011 05:29:35 +0100, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net> wrote:

DKIM doesn't create any binding between the RFC5322.From domain and the "d=" value as you're doing.  What you're talking about here falls into the realm of ADSP or other policy-like assertions, not DKIM itself which is the topic of this draft.


Perhaps I am wrong, but I believe that this point has been made and re-made enough times to warrant not making it again.

Not so. DKIM specifically requires that the From header be included in the signature. Hence end users (and that includes verifiers) are entitled to assume that if there is a valid signature, then "the" From header that they see before them was signed. So there does already exist a binding quite independently of ADSP or reputation systems, or any other "addons".

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                          Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
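
An added example, not part of the original thread: a verifier-side check for whether every From field a recipient sees is among the instances the signature's h= tag covers, using the bottom-up selection rule of RFC 6376 section 5.4.2. The function names, domains and sample message are constructed for illustration, and no cryptographic verification is performed.

```python
from email import message_from_string

def signed_names(sig_value):
    """Return the h= tag of a DKIM-Signature value as lowercase field names."""
    pairs = (t.split("=", 1) for t in sig_value.split(";") if "=" in t)
    tags = {k.strip(): v for k, v in pairs}
    return [n.strip().lower() for n in tags["h"].split(":")]

def coverage(raw):
    """Work out which header field instances the (single) signature covers.

    Each name in h= consumes the lowest not-yet-consumed instance of that
    field. A name listed more often than it occurs is "oversigned": adding
    another instance later would break the signature.
    """
    msg = message_from_string(raw)
    fields = msg.items()                      # top-to-bottom, duplicates kept
    remaining = {}
    for i, (name, _) in enumerate(fields):
        remaining.setdefault(name.lower(), []).append(i)
    covered, oversigned = set(), set()
    for name in signed_names(msg["DKIM-Signature"]):
        if remaining.get(name):
            covered.add(remaining[name].pop())  # bottom-most unused instance
        else:
            oversigned.add(name)
    return fields, covered, oversigned

def unsigned_from(raw):
    """From values present in the message but not covered by the signature."""
    fields, covered, _ = coverage(raw)
    return [v for i, (n, v) in enumerate(fields)
            if n.lower() == "from" and i not in covered]

# Constructed sample: one From listed in h=, but two From fields present.
SAMPLE = """\
From: added@other.example
DKIM-Signature: v=1; a=rsa-sha256; d=signer.example; s=sel; h=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER
From: author@signer.example
To: user@recipient.example
Subject: constructed sample
Date: Wed, 27 Apr 2011 13:25:46 +0100

body
"""
# Constructed sample: a single From field, with From listed twice in h=.
OVERSIGNED = SAMPLE.split("\n", 1)[1].replace("h=from:", "h=from:from:")

if __name__ == "__main__":
    print(unsigned_from(SAMPLE), coverage(OVERSIGNED)[2])
```

A verifier that gets a non-empty list from `unsigned_from` can treat the message as not having "the" From field signed, whatever the signature result says.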