It appears that Eric Rescorla <ekr@xxxxxxxx> said: >> Having DKIM cover the From: field does not carry any assertion of >> authenticity. > >The d= field alone is in fact a form of authenticity. Otherwise it >wouldn't be useful. I don't dispute that the authenticity properties >are complicated, but I don't think that's an argument for exclusion. Only in a rather strained sense. The d= only says that the domain waved their hands over the message, not that anything in the message is authentic or real. That's totally unlike S/MIME or PGP which we usually interpret to mean that the email address in the signature is the person who sent the message. Also see jck's message that DKIM is likely to be replaced by something else in a year or so, which is quite true. I really do not think it would be a good idea to add it to a document that is likely to live as long as 5321bis. R's, John -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
