Jim Fenton wrote in
 <748e4b0a-8aa6-4a19-b395-47921f8f5...@bluepopcorn.net>:
 |On 5 Jan 2025, at 19:07, Murray S. Kucherawy wrote:
 ...
 |I have recently received a number of these replays in my personal email, \
 |so I think I understand the problem better.
 |
 |At the risk of getting too far into the weeds:
 |
 |The RCPT TO address isn’t available to many DKIM implementations, so \
 |including it in the signature would be a breaking change. But DKIMbis \
 |could define an additional signature field, similar to the b= field \
 |but including the RCPT TO address. This would be ignored by current \
 |DKIM implementations but could be used by DKIMbis implementations, \
 |with the additional benefit of making it clear that it is the RCPT \
 |TO address, and not anything else, that has changed. That would be \
 |a non-breaking change.

I think we were further last year already.
M. Kucherawy's draft from a couple of years back already did good,
but included all the things in a public signature, therefore
revealing data meant to be hidden.
I therefore proposed a per-receiver-domain DKIM-Subsignature, but
which of course requires message splicing, which seemed expensive.
John Levine then said something like "just splice it", and after
some looking around I felt he surely referred to that draft of
Chuang of Google which brought these darn= tags.  That DKIM2 even
seems to want to use per-receiver forks, and Gondwana gave a high
ratio number of single-receiver mails to lobby that.

 |Assuming the other goals of DKIMbis can be accomplished in similar \
 |ways, I consider the non-breaking approach preferable to defining a \
 |whole new header field.

My DKIMACDC uses one additional header field to lock the
per-domain receiver list in order to avoid DKIM replay,
and one for the difference data; I first wanted to include the
diff in the normal DKIM-Signature, but was too lazy to look at all
implementations in order to check whether they can deal with
potentially *huge* such headers.  Also the "diffs are numbered"
approach is possibly really the way to go I thought.  Thus.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
|
|In Fall and Winter, feel "The Dropbear Bard"s pint(er).
|
|The banded bear
|without a care,
|Banged on himself for e'er and e'er
|
|Farewell, dear collar bear

_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
