[ietf-dkim] Output summary - proposing ODID "Originating Domain Identity"
hsantos at isdg.net
Sun May 1 19:13:36 PDT 2011
Murray S. Kucherawy wrote:
>> -----Original Message-----
>> Its just really odd that the we need to hide the facts in RFC4871bis
>> but not in RFC5585 (DKIM Architecture) and RFC5863 (DKIM Deployment
> I've lost track of how many times and how many different ways
> it's been explained that nothing is being hidden. I'm going to
> give up now.
If nothing is being hidden, then why not explicitly add AUID and ODID
(or RFC5585.From.Domain) to the Output Summary? Whats the danger?
Maybe its not a "Output Summary?"
Here are some definitions for a summary :
A summary, synopsis, or recap is a shorter version of the original.
Such a simplification highlights the major points from the much
longer subject, such as a text, speech, film, or event. The purpose
is to help the audience get the gist in a short period of time.
An abstract or a condensed presentation of the substance of a body
of material; concise, brief or presented in a condensed form;
Performed speedily and without formal ceremony
etc. What you are proposing is just the redundant "Mandatory Output"
information, and not a "DKIM Output Complete" summary that reflects
>> But in the mean time, implementors are not listening. They are looking
>> at other things especially the "author thing" we must burn into the
> Which implementers, and why aren't they saying anything?
Well you, I did and many in the archives has say things, and many have
stated very clearly the ODID is considered a very fundamental part of
DKIM. RFC5585 reflects how signing practices is part of the expected
The two open source APIs:
has support for signing practices.
Systems using A-R to report DKIM results are using AUID, such as
And I know our DKIM product has direct support for the design
described in RFC5595 including A-R with all four outputs (status,
SDID, AUID, ODID) as well as the ADSP extensions.
The biggest software company, Microsoft, has announced ADSP support
and that means ODID output is required. How can that be not significant?
Yes, it is getting tiresome because it is real hard to understand why
adding the obvious to the Output Summary is a problem. What harm is
there? None that I can see.
Why isn't there any mediated compromise to settle these 5-6 years
In my view, your proposed section 1.1 DKIM Architecture Documents and
with adding the AUID and ODID as part of the output to make all the
documents protocol consistent will settle the issue, in my view, for
Hector Santos, CTO
More information about the ietf-dkim