What support for assessment mechanisms is required for the core DKIM
mechanism?
None. DKIM will be plenty useful checking a recipient's private
whitelists and blacklists of domains and addresses, with no use of an
outside assessment mechanism at all.
What support for extensible support (and, yes, that's recursive) of
assessments is needed?
None. If it turns out to be useful to provide hints about which
reputation services to check on DKIM domains, it should be equally
useful to check domains validated by S/MIME, PGP, SPF, Sender-ID, SSL
certs on TLS SMTP connections, and any other validation scheme someone
invents. That tells me that it should stand on its own, perhaps as a
separate message header, rather than getting mixed into DKIM and being
reinvented for every other validation system.
R's,
John