[ietf-dkim] Not exactly not a threat analysis
johnl at iecc.com
Mon Aug 15 10:15:04 PDT 2005
>There is nothing in an ordinary email message, except for the IP
>address of the host that sent it to you, that is a reliable
>identifier. A validated DKIM signature adds a level of
>authentication by identifying the domain responsible for the message.
It might be better to say
... by identifying a domain that takes responsibility for the message.
We don't promise that's the only domain that might have something to
do with it, we do promise that's the place to complain to if you
don't like it.
>The main benefit of DKIM is that a validating agent can know who is
>responsible for the message.
The main benefit of DKIM is that a validating agent can know who is
taking responsibility for the message.
> This is more reliable than email source ...
More information about the ietf-dkim