[ietf-dkim] DKIM Threat Assessment v0.02 (very rough
draft)
Eric Allman
eric+dkim at sendmail.org
Tue Aug 9 16:01:48 PDT 2005
> That is not correct. The local part of the i= is intended to
> provide a binding to the local part of outside origination
> headers, not just the domain part. Which is why it is,
> in fact, a primary goal.
That doesn't change the fact that it is the /domain/ signing a
message, not a user. That domain may identify the individual user in
such a way that is within the comfort zone of the signing domain
administrator, but the keys are still owned and administrated by the
domain owner.
eric
More information about the ietf-dkim
mailing list