[Top] [All Lists]

Re: [ietf-smtp] RFC2821bis discussion of DKIM and SPF (was Re: Error in RFC 5321 concerning SPF and DKIM)

2014-07-28 13:04:53
On 7/26/14, 11:16 AM, John Levine wrote:
When i= was considered important in DKIM, many people considered it a
valid way to verify the identity of the sender of a message, given that

     *) it was actually used
     *) it really did map into the name used with the From: header

So the text about "belongs to the person who actually sent the message"
could be considered a reference to the use of i=.
Well, yes, and no.  In retrospect, that was always a failure of
communication.  The i= bit came from people in corporate environments
where the mail system is locked down, and you can't put anyone's
return address but your own on your mail.  But, of course, there are a
lot of mail systems, and only some of them are like that.

Yup, hence my subsequent sentence that you didn't quote:

However, subsequent work with DKIM showed that i= was unreliable for that purpose, and instead should be treated as an opaque value.

    Tony Hansen

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>