ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] The problem with the DKIM design community

2013-07-01 12:37:04
On Sun 30/Jun/2013 15:21:29 +0200 Michael Deutschmann wrote:

"EDSP" would only pay attention to signatures where the "d=" matches
the right hand side of the RFC821 MAIL FROM:.

This means that someone can publish the strictest possible EDSP
without causing mailing list false positives.  Mailing lists take
ownership of the MAIL FROM:, hence only an EDSP set by the list itself
will apply, and the original poster's EDSP will be correctly ignored.
Just like in SPF.

Of course, since the MAIL FROM: is usually not visible without pressing a
"show all headers" button, this would be more about leaving a clearer
audit trail than actually foiling phishes.

Well, not really.  MAIL FROM: is only visible after delivery, so to
avoid dangling signatures one should store its value in some other
header field or... in the i= tag.  Heck, is that the semantics that the
OP was talking about?

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html