On 31/03/2025 11:55, Alessandro Vesely wrote:
If we don't change the canonicalizations, a DKIM1 verifier will be able to verify a DKIM2 signature, limited to DKIM1 semantics. A successful verification still adds something to the properties of a message.
And as mentioned in some other thread I can't find right now. Keeping the same header and incrementing the version will also allow DKIM-aware software to remove DKIM(v2) signatures that they know that they'll break, for example mailing list milters.
I can't predict however which is better, missing or broken DKIMv2 signatures.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
