On 3/24/25 7:14 AM, Murray S. Kucherawy wrote:
On Sun, Mar 23, 2025 at 5:06 PM Michael Thomas <m...@mtcc.com> wrote:
That's basically what I was trying to say. We can recommand and
give the reasons why it's a good idea to do a single rcpt-to
without mandating it with a MUST. The microscopic amount of
traffic that actually uses it can still work with DKIM++ and the
vast majority of traffic does it already anyway. It's been really
confusing why it was turned into a MUST like there was some
underlying security reason.
I think there's a difference between saying "all mail MUST now be sent
single-recipient" and "if you are participating in DKIMbis, you MUST
send single recipient". I don't think anyone is saying the former, and
in fact would argue that doing so violates our charter. But I believe
the latter is fair game.
Considering that the authors have been visualizing a world where DKIM2
displaces DKIM and large mailbox providers force the issue by requiring
DKIM2, that's tantamount to saying "all mail MUST now be sent
single-recipient". And since there doesn't seem to be any motivation
other than "simplicity" for DKIM2, that would be a shame.
I should say that while I find the "displace" unrealistic in the
extreme, the "must use" part is a lot more plausible.
Mike
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
