spf-discuss

RE: Attacking Domain Keys

2004-11-30 00:20:00
Stuart wrote:

I have no objection to DK as long as the domains in question also
publish SPF.  There is no significant load to *publish* a DK key.
The extra work is only for verifying a DK key.  If I don't need
rfc2822 forgery protection, then I won't verify DK.  I must say
that if I *did* need 2822 checking, I prefer DK to senderID - since
all that work does provide significant confidence in the authenticity.

All Yahoo mail that directly comes from a Yahoo server has a valid Yahoo DK
signature. So what is the use of checking the signature?

Most probably all Yahoo mail that went through a mailing list has an invalid
Yahoo DK signature. So what is the use of checking the signature?

The only case where checking the signature makes sense is forwarded mail
from Yahoo and spam. But since there is no guarantee that all forwarders do
not modify the messages, it makes little sense to check the signature.

Roger

