
Re: [spf-discuss] Phishing passing thru spf = not useful to me.

2007-04-17 20:49:46
Not trying to turn this into dkim-discuss, but...

Scott Kitterman wrote:
> On Monday 16 April 2007 10:03, Seth Goodman wrote:
>
>> DKIM does validate the From: address independently,
>
> No.  It does not.  It may, but it does not.
>
> The DKIM Sender Signing Policy (SSP) is not yet designed (the protocol
> requirements were just finished) and it may or may not be effective for this.
>
> Today, based on the DKIM-base RFC that has been approved there is no way to
> tie signing domain to From domain (or any other header).

The DKIM-base specification does not mandate that a signature be tied
to the From domain, so that other entities (like mailing lists) can sign
messages.  However, it is certainly possible for a verifier to determine
if a signature is tied to the From address, and the verifier can act
upon this fact, even in the absence of SSP.

-Jim
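
The check described in the message above, as an added example that is not part of the original post or of any DKIM implementation: for each DKIM-Signature header, compare the signing domain (d=) with the domain of the From: address and confirm that From: is among the signed headers (h=). It assumes the signatures have already been cryptographically verified elsewhere, treats only an exact domain match as "tied", and uses hypothetical function names and a constructed sample message.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a list signature and an author-domain signature.
# The bh=/b= values are placeholders; nothing here is verified cryptographically.
SAMPLE = """\
DKIM-Signature: v=1; a=rsa-sha256; d=lists.example.net; s=ml;
 h=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1;
 h=from : subject; bh=PLACEHOLDER; b=PLACEHOLDER
From: Alice <alice@example.com>
To: list@lists.example.net
Subject: test

body
"""

def parse_tags(value):
    """Split a DKIM-Signature header value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags

def from_domain(msg):
    """Domain of the single From: address, or None if absent or ambiguous."""
    froms = msg.get_all("From", [])
    if len(froms) != 1:
        return None  # a repeated From: header makes the comparison meaningless
    addr = parseaddr(froms[0])[1]
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else None

def signatures_tied_to_from(raw_message):
    """Return d= of each signature that signs From: and names its domain."""
    msg = message_from_string(raw_message)
    domain = from_domain(msg)
    tied = []
    for raw in msg.get_all("DKIM-Signature", []):
        tags = parse_tags(raw)
        signed = [h.lower() for h in tags.get("h", "").split(":")]
        d = tags.get("d", "").lower()
        if domain and "from" in signed and d == domain:
            tied.append(d)
    return tied

if __name__ == "__main__":
    print(signatures_tied_to_from(SAMPLE))
```

On the sample, the mailing-list signature is reported as not tied to the From: address while the example.com signature is, which is the distinction a verifier can act on.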
