This seems to leave out checking content as a means to address simple
header replay. This attempts to provide some rationale to support most
of your statement.
there's a juggling act to be performed, for the language here. the focus of
dkim really is the headers. including a checksum on the body is an adjunct.
the problem with citing the body in the text, here, is that then folks get
distracted with the possibility that this competes with pgp or s/mime.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net