This is *NOT* about protection or authentication, this is purely about rfc822/2822/5322 message semantics. Something that has been well-defined and constant for decades.
I have considerable sympathy in theory for your viewpoint, but in practice, the Sender header was deprecated a long time ago. Most MUAs ignore it, the few that don't display it in a way that just confuses people.
-- Regards, John Levine, johnl@xxxxxxxx, http://jl.ly Please consider the environment before reading this e-mail.