On 9 Aug 2023, at 2:53, Laura Atkins wrote:

> If there are multiple BCCs that implies that whatever is creating the mail
> must make individual copies of the message with only the BCC recipient in
> that line before it’s signed with DKIM. So for a message with 3 BCCs, there
> are 4 separate copies of the message to be created, one with no BCC header
> and 3 for each of the BCC recipients. Then each message must be individually
> signed.

It also seems like the message with no BCC header field would still be eligible for replay, wouldn’t it?

This scheme also would depend on DKIM verifiers correlating the signed BCC header field with the envelope-to address of the message. I expect it would take quite a while for verifiers to migrate to code that does this correlation.

A better scheme (but not much better) might be to define an Envelope-to: header field, but that also has the verifier problem. And all of these would break recipient-side forwarders (e.g., alumni addresses, role-based addresses).

-Jim

_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
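
The verifier-side correlation discussed in the message above (a signed Bcc header field compared with the envelope-to address), sketched as an added example that is not part of the original thread or of any DKIM implementation. It assumes the DKIM signature has already been verified elsewhere; `bcc_binding`, `signed_headers`, `sample` and every address are hypothetical, constructed names and values.

```python
from email import message_from_string
from email.utils import getaddresses

def signed_headers(msg):
    """Header names listed in the h= tag of the message's DKIM-Signature."""
    sig = msg.get("DKIM-Signature", "")
    tags = {k.strip(): v.strip()
            for k, _, v in (t.partition("=") for t in sig.split(";")) if k.strip()}
    return {h.strip().lower() for h in tags.get("h", "").split(":") if h.strip()}

def bcc_binding(raw_message, rcpt_to):
    """Compare a signed Bcc field with the envelope recipient (RCPT TO).

    Assumes the DKIM signature was already verified by other code.
    Returns 'match', 'mismatch', or 'unbound' (no signed Bcc to compare).
    """
    msg = message_from_string(raw_message)
    bcc = [a.lower() for _, a in getaddresses(msg.get_all("Bcc", [])) if a]
    if not bcc or "bcc" not in signed_headers(msg):
        return "unbound"
    return "match" if bcc == [rcpt_to.lower()] else "mismatch"

def sample(bcc=None):
    """Constructed message; the bh= and b= values are placeholders, not real."""
    lines = [
        "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;",
        " h=from:to:subject" + (":bcc" if bcc else "") + "; bh=PLACEHOLDER; b=PLACEHOLDER",
        "From: alice@example.com",
        "To: bob@example.net",
    ]
    if bcc:
        lines.append("Bcc: " + bcc)
    return "\n".join(lines + ["Subject: hello", "", "body", ""])

if __name__ == "__main__":
    per_bcc_copy = sample("carol@example.org")
    print(bcc_binding(per_bcc_copy, "carol@example.org"))   # intended delivery
    print(bcc_binding(per_bcc_copy, "dave@example.test"))   # same copy, other envelope
    print(bcc_binding(sample(), "dave@example.test"))       # the copy with no Bcc field
    forwarded = sample("carol@alumni.example.edu")
    print(bcc_binding(forwarded, "carol@mailbox.example"))  # after a forwarder
```

The copy without a Bcc field gives the check nothing to compare against any envelope recipient, and the per-recipient copy no longer matches once a forwarder has rewritten the envelope address.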