Hi Doug,
At 18:39 03-11-2008, Douglas Otis wrote:
The motivation for this header is in support of a questionable Sender-
ID or SPF path registration scheme. Sender-ID is being sold as a
replacement for source authentication.
The Authentication-Results header was introduced in 2004 as there
wasn't a standardized method to convey the results of DomainKeys verification.
Not having this border header as a substitute for DKIM validation
ensures ISPs will provide access to unmodified messages. To ensure
security, verifying the DKIM signature should be done by the MUA
making the annotation, rather than depending upon an injected third-
party header.
If you go back through the DomainKeys and DKIM archives, you might
find that it was deemed unpractical to expect all MUAs to do DKIM
verification. That doesn't preclude MUAs from doing DKIM
verification if they support it. It can be problematic in cases
where the DKIM signature is time sensitive.
Regards,
-sm
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html