On Mon, Nov 7, 2022 at 9:24 PM Douglas Foster < [email protected]> wrote:
> To Murray's question, there is no "layer" boundary that limits the ability > of an evaluator to choose which signatures are evaluated and which are not. > If by "evaluator" you mean an operator (say, you or me), then sure; you get to pick what DKIM software you run and how you configure it. If by "evaluator" you mean the DKIM software you're running, then I disagree. Imagine a DKIM+DMARC setup that involves independent MTA plugins; DKIM runs to completion on a message, then DMARC picks it up from there. There is nothing in the DKIM specification that says such an implementation has to provide signature selection logic, so a system with that capability is just as viable as one without, and DMARC doesn't get to make stipulations otherwise. I think it's fine to suggest that this might be an interesting optimization, but I don't think we should require it. -MSK, participating
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
