On 1/24/25 2:05 PM, Allen Robinson wrote:
For what it's worth, I personally think that the add new vs extend
existing discussion is a very valuable one for the WG to have (and
document) at some point. I'm not currently of the opinion that we can
safely add all of the proposed functionality to DKIM without causing
problems for unaware consumers of the extended signature headers, even
though the protocol says they should be fine.
One thing to keep in mind is that I suspect that many of the proposed
upgrades can be done just as new headers which get signed. Evaluators of
existing deployments could use those headers regardless of whether they
choose to implement some new signature header. That said, DKIM
implementations that screw up such a trivial MUST get pretty much what
they deserve.
Mike
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
