[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
Earl Hood
earl at earlhood.com
Tue Aug 9 11:44:50 PDT 2005
Quick comment:
Dave Crocker wrote:
> In the current Internet Mail environment a mail receiver can never be sure
> whether a piece of mail was from the purported author they normally associate
> with the claimed identity. This leads to many avenues of abuse.
...
> A secondary goal of DKIM is to validate a standard identity field, such as
> RFC2822.From or RFC2822.Sender.
Stating this as a secondary goal appears to contradict the earlier
paragraph. I.e. The earlier paragraph implies that validating
RFC2822.From or RFC2822.Sender would be a primary goal.
--ewh
More information about the ietf-dkim
mailing list