[ietf-dkim] DKIM Threat Assessment v0.02 (very rough draft)
domainkeys-feedbackbase02 at yahoo.com
domainkeys-feedbackbase02 at yahoo.com
Tue Aug 9 21:20:56 PDT 2005
--- Michael Thomas <mike at mtcc.com> wrote:
> >>One only has to look at Yahoo's web mail interface to
> >>understand what significance they place on that binding.
> >
> >
> > Eh? Which binding is that particularly?
> > "Yahoo! DomainKeys has confirmed that this message was sent by
> > *verified-domain*."
>
> So your users all understand that "verified-domain" means
> that means From: *@example.com instead of From: user at example.com
> is what's really believable? Somehow I'm guessing they aren't
> going to make that distinction, even if that's technically true.
As a guess, you could be right. I generally bow to the expertise of the
professional GUI folks who routinely deal with presenting information to 100s
of millions of people from all over the planet.
But whatever. Regardless of how one might interpret the webmail interface, the
point I'm trying to make clear is that, as a verifier, and from a specification
perspective, Yahoo is *not* interested in, and doesn't care about, localpart.
Obviously other may be, and good for them, but Yahoo is not.
Mark.
More information about the ietf-dkim
mailing list