Hi all, consider the famous incipit:
DomainKeys Identified Mail (DKIM) permits a person, role, or organization to claim some responsibility for a message by associating a domain name [RFC1034] with the message [RFC5322], which they are authorized to use. The question is, what responsibility is being claimed? Some sites allow authenticated users to use any From:, but are able to find out who the actual author was, if needed. Other sites only sign if the From: matches the actual user, or at least its domain part. Still others just sign everything. Discussions about what kind of assurance would a signature imply are rather frequent. At least, specifying an aim= tag should shred some light on the various possibilities. Tagging keys with aim= would allow senders to choose an appropriate selector under different circumstances. Some mail sites use different sending IP addresses to meet a similar purpose. Others use different domain names, opaque chunks of base64 data, or X-Google-DKIM-Signatures. An aim= would serve a similar purpose in a more open manner, introducing yet another means to discern among different mail flows. Comments? Best Ale -- _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim