On 11/23/2020 11:42 AM, Brandon Long wrote:
On Mon, Nov 23, 2020 at 11:34 AM Dave Crocker <d...@dcrocker.net
<mailto:d...@dcrocker.net>> wrote:
On 11/23/2020 11:29 AM, Brandon Long wrote:
> The DKIM-Signature is an "ownership" thing, it's a message
originator
> that is saying
> "associate this message to me".
That is not DKIM's semantics:
"DomainKeys Identified Mail (DKIM) permits a person, role, or
organization to claim some responsibility for a message by
associating a domain name"
This says nothing about whether the organization has anything to do
with
origination.
There is nothing to prohibit or preclude handling agents other than the
originator from signing.
Yes, of course, a handling agent can do it, but there are plenty of reasons
why they shouldn't.
Please enumerate and explain. If it's that dangerous, we should
document it, especially I don't recall that constraint being in any of
the design or standardization discussions.
> Intermediaries don't want to take ownership of the message in that
> sense, though there
> are some mailing lists that do.
Signing with DKIM does not take 'ownership'.
Yes, responsibility is the proper word. My point survives the word change.
I disagree.
DKIM says the domain takes responsibility for the message, while ARC says
the domain takes responsibility for evaluating the status of the message
when
they received and forwarded it.
This implies that the word 'some' is irrelevant. It isn't. And it was
included intentionally.
d/
--
Dave Crocker
dcroc...@gmail.com
408.329.0791
Volunteer, Silicon Valley Chapter
American Red Cross
dave.crock...@redcross.org
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
