>>> Rolf Wrote: >>> As the From: address is mandatory input for the signature, it may be a >>> logical step to also make it mandatory in the output?
>> Murray Responded: >> Given the above, do we still need to? > Hector Santos responded: > To be more DKIM Mail Integration Consistent and Complete - yes. > > See RFC5585 Figure 1 DKIM Service Architecture. The AUID is needed for > the major CSP (Checking Signing Practice) black box flow in the DKIM > design. Follow up: To illustrate this in RFC5585 by labeling the inputs required: | |- RFC5322 Message V +--------------------------------+ | Message Signed? | +-----+--------------------+-----+ |yes |no | | |SDID/AUID |AUID | | V | +-------------+ SDID/AUID | | Verify +---------+ | | Signature | | | +------+------+ | | pass| fail| | |SDID | | V | | +-------------+ | | | Assessments | | | | | V V +--------+----+ +-------+ | | / Check \ | +--SDID-->/ Signing \ | / Practices \ | +-------+-------+ | | V V As you can see, per RFC5585, both SDID and AUID are mandatory DKIM outputs. -- Hector Santos, CTO http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html