>With ATPS, the requirement is to replace the d= string with the domain name from >the From: field. That replacement value is then passed to the assessment module. > >In other words, DKIM provides it's own identifier to be used for assessment, >whereas ATPS dictates use of the From: field domain name for assessment. At least one of us is confused here. ADSP already dictates use of the From: domain. ATPS is a modification to ADSP. It doesn't change anything that DKIM reports, only the rule for deciding whether ADSP finds an Author Domain Signature. With or without ADSP or ATPS, DKIM returns a possibly empty list of d= domains from valid signatures. ADSP returns the practices value (unknown/all/discardable) and a bit whether it found an Author Domain signature. Since there might be multiple DKIM signatures, even if ADSP says it found an Author Domain signature, you can't assume a d= domain had any relationship to the From: domain. It's true that ATPS adds a field to DKIM signatures that doesn't affect DKIM evaluation, but DKIM already knows how to skip over fields it doesn't understand. R's, John _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf