> On 9 Aug 2023, at 04:20, Jesse Thompson <z...@fastmail.com> wrote: > > On Tue, Aug 8, 2023, at 12:55 AM, Murray S. Kucherawy wrote: >> On Mon, Aug 7, 2023 at 9:23 PM Jesse Thompson <z...@fastmail.com >> <mailto:z...@fastmail.com>> wrote: >> On Mon, Aug 7, 2023, at 10:54 PM, Murray S. Kucherawy wrote: >>> On Mon, Aug 7, 2023 at 8:00 PM Emanuel Schorsch >>> <emschorsch=40google....@dmarc.ietf.org >>> <mailto:40google....@dmarc.ietf.org>> wrote: >>> If there are not that many BCC recipients for a message then it is likely >>> not necessary as the duplicate message counting is unlikely to have a >>> negative impact. If there are a large number of BCC recipients for a given >>> message then I think the solutions proposed in Wei's DARA draft are >>> helpful: standardizing the way to indicate BCC/Forwarded-To and signing a >>> separate copy of the message for each BCC recipient so that it can still be >>> verified as direct mail. >>> >>> Doesn't putting "invisible" recipients into an actual field like Bcc create >>> a privacy concern, i.e., they're no longer invisible? You need to hope >>> that the agents in the handling chain that are supposed to delete that >>> field will actually do it, which presumes the entire deployed base will >>> adopt DARA in a reasonable period of time. >> >> According to RFC 5322 it should be handled correctly by "but the recipients >> on the "Bcc:" line get a separate copy of the message containing a "Bcc:" >> line" >> >> [...] >> >> As you cited, RFC 5322 describes three ways that the "Bcc" field is >> typically used. You're talking about just one of those, and I'm not sure >> it's the most common one. In any case, I suggest that "should" is a bit of >> a leap, especially given that the choice of which of the three to use is >> described as "implementation dependent". >> >> The second part of your citation confirms the risk to which I was referring. > > I don't understand why it's a privacy issue that an individual recipient sees > their own address in the Bcc header.
It seems to me there is a lot of heavy lifting to be done to make sure that the individual recipient only sees a copy of the message with their address in the BCC header. If there are multiple BCCs that implies that whatever is creating the mail must make individual copies of the message with only the BCC recipient in that line before it’s signed with DKIM. So for a message with 3 BCCs, there are 4 separate copies of the message to be created, one with no BCC header and 3 for each of the BCC recipients. Then each message must be individually signed. I’m not sure how that’s going to work in practice. laura (participating) -- The Delivery Expert Laura Atkins Word to the Wise la...@wordtothewise.com Delivery hints and commentary: http://wordtothewise.com/blog
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
