rfc2821.Sender usage (was Re: [ietf-dkim] Collection of use cases for SSP requirements)

Dave Crocker dhc at dcrocker.net
Sat Dec 9 12:34:45 PST 2006



Arvel Hathcock wrote:
>  > Is the content of the Sender header commonly used
>  > by the end-user, or even visible to them?
> 
> I know that Microsoft Outlook (an important and significantly deployed 
> mail client) displays the Sender header if one is present.


Please notice the difference between "used" and "visible".

I think it goes to the core of some common misunderstandings in these 
discussions.  Obviously it is perfectly reasonable to ask whether a particular 
piece of information is actually visible to the end user.

But we also then need to ask whether the end user derives any benefit from that 
display.

Among human factors (usability) folk, the common view is that typical end users 
have an extremely limited cognitive model of how an application works.  Add to 
that the inherent subtlety of distinguishing .sender from .from -- especially in 
real-time when viewing a message -- and we all ought to be particularly cautious 
about expecting a focus on .sender as being important to the human side of phishing 
or other abuse issues.

(Importance for automated filtering and other assessment software is an entirely 
different matter.)

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

