[ietf-dkim] Responsibility vs. Validity
steve at blighty.com
Tue Nov 27 10:56:33 PST 2007
On Nov 27, 2007, at 10:47 AM, Steve Atkins wrote:
> On Nov 27, 2007, at 10:17 AM, Dave Crocker wrote:
>> This note is about an old topic that seems to remain unresolved.
>> I'm posting it to see where the working group is on the matter:
>> Mechanisms like OpenPGP and S/MIME essentially validate the
>> authenticity of content. DKIM does not. For example, a DKIM
>> signature does not contain the semantics that claim that the From
>> field is correct, nevermind that it does not distinguish between
>> "brands" such as are often implied by the display string in the
>> From field, versus the email address in it.
> DKIM is a mix of the two (as are pgp and s/mime).
> It's setup to not only say "this message came from THIS recipient",
> but also "THIS message came from this recipient".
Sender, of course.
"It's setup to not only say "this message came from THIS sender", but
also "THIS message came from this sender""
More information about the ietf-dkim