dhc at dcrocker.net
Thu Oct 6 08:15:54 PDT 2005
> It follows that in order to determine responsibility for the sender
> one first needs to determine responsibility for the domain, and the
> way that is done with DKIM is via DNS. The source of authority for
> the sender can then from that point be delegated.
Thanks for raising the concern about ambiguity. Getting precise and
consistent about terminology/references is fundamental to these
discussions, so it's unfortunately necessary to add to your effort:
What do you mean by "sender"?
The term is being used variously -- and unfortunately with some
legitimate basis -- to refer to rfc2822.Sender (of course) but also to
rfc2822.From, rfc2821.MailFrom, rfc2821.Helo (and, therefore, pretty
much any of the From parameters in rfc2821.Received.)
For discussions like these to make real progress, I really do suggest
that people stop using the now-completely-ambiguous term "sender" and
make a point of citing the specific data field they mean.
More information about the ietf-dkim