[ietf-dkim] on the suitability of the From header field

[SM]

At 12:27 13-08-2005, Keith Moore wrote:
>I strongly disagree.  It is vitally important to distinguish between 
>"who wrote or authorized this content" and "who authorized the 
>transmission of this message to this recipient".  RFC2822.From is a 
>close approximation to the first, but not the second.  We currently 
>don't have an SMTP or 2822 field that approximates the second.  (for 
>various reasons neither Sender nor Return-Path/MAIL FROM is close enough).

RFC2822.From is not very effective as a means to determine "who wrote 
or authorized this content".

>If end-users today are accustomed to thinking the message was sent 
>by RFC2822.From, they will need to be educated, and they may also 
>need better MUAs that make the distinction clear.  But I don't think 
>most end-users are this naive or incapable of understanding the 
>difference. Mailing lists, for example, do not follow this 
>convention.  Nor do forwarded messages.  Neither one of these seems 
>to result in a great deal of user confusion.

Although I am a proponent of education and the need for better MUAs, 
I don't see it making a significant difference in the short 
term.  Most end-users cannot understand the difference.

Most end-users do not subscribe to mailing lists and if they do, they 
may sometimes report mail received from the list as spam. :)  Those 
who do subscribe can only understand that the mail is from a mailing 
list if they see the list subject tag.

Regards,
-sm