>> Oh, and one final note. The document talks a bit about defining a >> public key BATV scheme but doesn't actually define anything.
Humor me for a moment here. The idea of a public key BATV is so the system generating the bounce can check the signature and not even send bogus bounces. But any system that is going to DKIM sign its bounce addresses would also be able to DKIM sign its message bodies, so ADSP discardable already allows you to declare that everything is signed so don't bounce the unsigned stuff. We're talking about DSNs here, not SMTP rejects, so the system generating the bounce is going to have received the message already. This isn't a situation where you might skip the DATA in a SMTP session. Can you think of any likely scenarios where you'd use a DKIM signed bounce address but not a DKIM signed message? Again, maybe I'm dense, but I can only think of contrived mailing list examples where the bounce address domain and the From: address domain are different and don't have enough DKIM signatures to use ADSP. But I'd think the solution wouldn't be signed bounces, it'd be a body signature from the bounce address domain, and an added ADSP keyword to say that you always do that. R's, John
