ietf-mailsig

Re: one more time: agreeing on the basic goal of MASS

2004-11-22 23:13:10

Even in the case of per user keys it is presumably the domain
providing those keys and thus the authorization though. Right?

Right.  If you don't like the mail, you complain to the domain, not to
the user, since the domain's the one who can change or revoke the key.

I find it helpful to remind people that the result of any
authentication scheme is only that you know who to blame for the
message, not whether a message is spam, or whether the recipient
has a relationship with the sender, or anything else.  That's why
replay attacks are out of scope here: if I'm the responsible party for
a message, I'm still the responsible party if a hostile recipient
remails it a thousand times.

Down the road when reputation systems are more mature it may be useful
to put assertion tags into signatures, e.g. "this is transactional
mail" or "this is unconfirmed opt-in bulk mail" a la TEOS.  It looks
to me that both of the major candidates (DK and IIM) have room for
more fields in the signature data so we have that option.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.

