Sorry for the late reply, first sunny day since a about a month, we had a very rainy and cold July in Germany.
Murray S. Kucherawy wrote in <CAL0qLwaLuNbwbnB4NLrMbqxP=qdisrvnxvprjf8p+dkgjtw...@mail.gmail.com>: |On Wed, Aug 9, 2023 at 3:14 PM Steffen Nurpmeso <stef...@sdaoden.eu> wrote: |> And couldn't it become standardized that verification results then |> must be included in future DKIM signatures? |> So then a verifier inserts a RFC 7001 header, and that will be |> covered by a further DKIM signature. | |Aren't you basically describing ARC here? I am only talking DKIM. If you DKIM sign a message and have an authentication result (made) available (yourself), anything but not including it in your own signature seems senseless. |> And when a mailing-list or so changes fields, it could create |> a "DKIM-Backup: h1=b1, h2=b2, .." where b1 could be base64 encoded |> (gzip compressed), so that the original values could be restored. ... |Even if you could revert header field values to their signature-time |content, it's what's there now that gets shown to the user. So if I have a DKIM is never about the user, no? This is only meant for that reputation you all talk about. You can climb up that ladder, and if you find someone fooling around, you can downrate the bad guy. |DKIM-Backup field that lets the original DKIM-Signature validate, but the |new Subject has a spam URL in it, then I'm using that signer's domain to |show you content they didn't intend. | |It's the same problem, isn't it? No. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
