Rolf Wrote:
As the From: address is mandatory input for the signature, it may be a
logical step to also make it mandatory in the output?
Murray Responded:
Given the above, do we still need to?
Hector Santos responded:
To be more DKIM Mail Integration Consistent and Complete - yes.
See RFC5585 Figure 1 DKIM Service Architecture. The AUID is needed for
the major CSP (Checking Signing Practice) black box flow in the DKIM
design.
Follow up:
To illustrate this in RFC5585 by labeling the inputs required:
|
|- RFC5322 Message
V
+--------------------------------+
| Message Signed? |
+-----+--------------------+-----+
|yes |no
| |
|SDID/AUID |AUID
| |
V |
+-------------+ SDID/AUID |
| Verify +---------+ |
| Signature | | |
+------+------+ | |
pass| fail| |
|SDID | |
V | |
+-------------+ | |
| Assessments | | |
| | V V
+--------+----+ +-------+
| | / Check \
| +--SDID-->/ Signing \
| / Practices \
| +-------+-------+
| |
V V
As you can see, per RFC5585, both SDID and AUID are mandatory DKIM
outputs.
--
Hector Santos, CTO
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html