June 18, 2014
12:51 a.m.
Thinking about it this way, I'm not really sure what's being considered for DMARC, ...
Nothing specifically for DMARC. The idea is that SASL, the layer you use to log into pop, imap, and submit servers, now includes oauth as an authentication scheme and OpenID as the common way to get the token. This is all in RFC 6616, and is allegedly implemented in gsasl.
Once you have access to the subscriber's submit server, you can run the decorated message through it to get the mail providers's signature, then remail that. OAuth just avoids the need to ask the user directly for her password.
R's, John