[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
Michael Thomas
mike at mtcc.com
Tue Aug 9 17:11:01 PDT 2005
domainkeys-feedbackbase02 at yahoo.com wrote:
> --- Michael Thomas <mike at mtcc.com> wrote:
>
>
>>That is not correct. The local part of the i= is intended to
>>provide a binding to the local part of outside origination
>>headers, not just the domain part. Which is why it is,
>>in fact, a primary goal.
>>
>>One only has to look at Yahoo's web mail interface to
>>understand what significance they place on that binding.
>
>
> Eh? Which binding is that particularly?
>
> As I understand it, Yahoo's web mail interface identifies the verified domain
> with a message like:
>
> "Yahoo! DomainKeys has confirmed that this message was sent by
> *verified-domain*."
So your users all understand that "verified-domain" means
that means From: *@example.com instead of From: user at example.com
is what's really believable? Somehow I'm guessing they aren't
going to make that distinction, even if that's technically true.
FWIW, I'm comfortable with that misunderstanding; it puts
pressure on the domain holders to make it true far more often
than not.
Mike
More information about the ietf-dkim
mailing list