[ietf-dkim] Responsibility vs. Validity
Steve Atkins
steve at blighty.com
Tue Nov 27 10:56:33 PST 2007
On Nov 27, 2007, at 10:47 AM, Steve Atkins wrote:
>
> On Nov 27, 2007, at 10:17 AM, Dave Crocker wrote:
>
>> Folks,
>>
>> This note is about an old topic that seems to remain unresolved.
>> I'm posting it to see where the working group is on the matter:
>>
>> Mechanisms like OpenPGP and S/MIME essentially validate the
>> authenticity of content. DKIM does not. For example, a DKIM
>> signature does not contain the semantics that claim that the From
>> field is correct, nevermind that it does not distinguish between
>> "brands" such as are often implied by the display string in the
>> From field, versus the email address in it.
>
> DKIM is a mix of the two (as are pgp and s/mime).
>
> It's setup to not only say "this message came from THIS recipient",
> but also "THIS message came from this recipient".
>
Sender, of course.
"It's setup to not only say "this message came from THIS sender", but
also "THIS message came from this sender""
Cheers,
Steve
More information about the ietf-dkim
mailing list