> -----Original Message----- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org] > On Behalf Of Douglas Otis > Sent: Monday, April 25, 2011 6:33 PM > To: ietf-dkim@mipassoc.org; Barry Leiba; Pete Resnick > Subject: [ietf-dkim] draft-ietf-dkim-rfc4871bis-07 // Attacks Involving > Additional Header Fields > > Double listing in the "h=" tag can not fully mitigate risks related to > appended header fields when messages are signed by a different domain > than the domain found in the appended From header field.
DKIM doesn't create any binding between the RFC5322.From domain and the "d=" value as you're doing. What you're talking about here falls into the realm of ADSP or other policy-like assertions, not DKIM itself which is the topic of this draft. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html