Some minor suggestions:
1. Introduction
Second and third paragraph potential rewrite:
"However, the legacy of the Internet is such that not all messages
will be signed. Therefore, the absence of a signature is not an a
priori indication of forgery. In fact, during early phases of DKIM
deployment it must be expected that most messages will remain unsigned.
Nevertheless, some domains may find it highly desirable to advertise
that they sign all their mail making the absence of a valid signature a
potential indication of forgery. Without a mechanism to do so the
benefits of DKIM are limited to cases in which a valid signature exists
and can not be extended to cases in which signatures are missing or are
invalid. Defining such a mechanism is the purpose of Sender Signing
Practices."
"In the absence of a valid DKIM signature on behalf of the "From"
address [RFC2822], message verifiers implementing this specification
MUST determine whether messages from that address are expected to be
signed and what signatures are acceptable. This determination is
referred to as a Sender Signing Practices check."
Fourth paragraph, start of first sentence: "Conceivably, Sender
Signing Practices could be extended in the future..."
(more coming)
Arvel
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html