> Now on the other hand, if an administrative domain wanted to go to the > trouble to authenticate down to the user level, we didn't want to prevent > that, either. The primary audience for DKIM includes regulated industries, > after all.
Seems to me that works fine as is. If a stock broker wants to set up its mail system to put an i= into DKIM that reliably identifies the person who sent the mail, they can do that. But unless I have external knowledge that they do that, and trust them to do it right, I can't depend on it, so it's mostly an opaque token of use to the sender when someone sends back a message and says "what the heck is going on here?" R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html