I've uploaded the revised text to the datatracker. I made a variant of Tim's suggested change, and included my own suggestion in response to Wei's point about amending DMARC at some point.
On Sat, Dec 28, 2024 at 6:31 PM Bron Gondwana <brong= 40fastmailteam....@dmarc.ietf.org> wrote: > > - The SMTP RCPT TO address might not be present in the signed header > fields of an email, meaning that the same message can be sent to > arbitrarily many recipients, and those recipients can not tell if the > signer intended to them as recipients. > > Am I poking a hornet's nest here, or is it safe to state that this is the commonly understood definition of "DKIM replay"? As was brought up elsewhere, do we need to be clear about whether this is expected to be an extension of existing DKIM or ultimately a replacement of it? Or are we keeping our options open, which is what the current text seems to be doing? -MSK
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
