On 5/5/11 1:52 AM, Hector Santos wrote: >>> Murray wrote: >>> You want AUID and RFC5322.From added to the Output Requirements >>> section explicitly. > BTW, while RFC5322.From will satisfy requirements, I am proposing a > new ODID identity (RFC5322.From.domain) since that is whats already > extracted by APIs in order to do the current ADSP support. > > I proposes the following: > > 3.x Originating Domain Identity (ODID) > > The ODID is the domain part of the From: address. This identity > MAY be considered as an output communicated to an advanced > Identity Assessor module. > > INFORMATIVE IMPLEMENTATION NOTE: > > The ODID and SDID are inputs for the optional > Checking Signing Practices component as described > in the DKIM Service Architecture [RFC5585] > > 3.9. Output Requirements > > For each signature that verifies successfully or produces a TEMPFAIL > result, the output of a DKIM verifier module MUST include the set of: > > o The domain name, taken from the "d=" signature tag; and > > o The result of the verification attempt for that signature. > > | Optional output are: > | > | o The Agent or User Identity (AUID) taken from "i=", if any. > | > | o The Originating Domain Identity (ODID). Verifier output > | MAY consider ODID when no signatures or invalid signatures > | are found. > > The output MAY include other signature properties or result meta- > data, including PERMFAILed or otherwise ignored signatures, for use > by modules that consume those results. > > See Section 6.1 for discussion of signature validation result codes.
are you aware of the fact that 5322.From can consist of a mailbox-list as per section 3.6.2 of RFC5322? What is the ODID in case the 5322.From contains multiple 'mailboxes' (terminology of RFC5322)?. /rolf _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html