>> 4) the ability to ride "stealthfully" within the existing >> infrastructure without need to upgrade either MTA's or MUA's
I think the point here is that if your MTA or MUA doesn't handle DKIM, you won't see anything out of the ordinary. Compare that to the mystery meat message parts you get with an S/MIME message in a MUA that doesn't handle S/MIME. There are a lot of situations where an MTA forwards a message "transparently", without significant munging other than adding a Received: header, and DKIM signatures are designed to survive that, which is a useful case for a wide set of courtesy forwards of the pobox.com and ieee.org variety. This is NOT saying that it's bullet proof in the face of mutilation by Exchange and the like, but at least the basic forwarding scenario that caused so much excitement for SPF or Sender-ID in MARID isn't a problem here. You are of course correct that to take advantage of DKIM, MTAs and MDAs and perhaps MUAs need upgrading. R's, John _______________________________________________ ietf-dkim mailing list http://dkim.org
