With ATPS, the requirement is to replace the d= string with the domain name
from
the From: field. That replacement value is then passed to the assessment
module.
In other words, DKIM provides it's own identifier to be used for assessment,
whereas ATPS dictates use of the From: field domain name for assessment.
At least one of us is confused here.
ADSP already dictates use of the From: domain. ATPS is a modification
to ADSP. It doesn't change anything that DKIM reports, only the rule
for deciding whether ADSP finds an Author Domain Signature.
With or without ADSP or ATPS, DKIM returns a possibly empty list of d=
domains from valid signatures. ADSP returns the practices value
(unknown/all/discardable) and a bit whether it found an Author Domain
signature. Since there might be multiple DKIM signatures, even if
ADSP says it found an Author Domain signature, you can't assume a d=
domain had any relationship to the From: domain.
It's true that ATPS adds a field to DKIM signatures that doesn't
affect DKIM evaluation, but DKIM already knows how to skip over fields
it doesn't understand.
R's,
John
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf