Party identification for 4-eyes process

[onthebreeze]

A reporting party on the sustainability platform must pre-register their trading partners so that verification messages can be sent. But they could register any email address so there is a fraud vector where the email recipient is not actually the named supplier.

Suggest that

• all parties should be registered with their DNS domain (proven with a DNS TXT record or similar)
• all verification emails should match the registered domain.