On Tue, Apr 1, 2025 at 7:52 PM Michael Thomas <m...@mtcc.com> wrote:
> On Mon, Mar 31, 2025 at 12:32 PM John Levine <jo...@taugh.com> wrote: > >> It appears that Wei Chuang <wei...@google.com> said: >> >To sign a message, the signer must find the maximum instance tag "i=n", >> >denoted as M. To add a new DKIM2-Signature, first verify that there >> isn't >> >any to be defined in the future indication that the message "left" >> DKIM2. ... >> >> I have a few questions that might greatly simplify the process. >> >> Most (all?) non-trace headers are defined to occur only once, like From: >> and Subject: >> > > I think this could work also and agree it would shorten the list of header > fields that have to be oversigned. > > No, this is a useless optimization that nobody cares about. Show the > community that cares. A community that actually matters. > Two things: It's a recurrent problem that operators don't seem to know which header fields they should sign. I observed one community of operators considering making a BCP of their own that listed which fields should be signed, because the guidance in STD 76 relies too much on them understanding header field semantics. Maybe this thing needs to be more prescriptive than that. In any case, it certainly could choose to be if that's where consensus goes. Unfortunately, it doesn't seem to be the case that the world is going to start bouncing things with multiple From fields anytime soon, even though that violates the (currently Draft) standard. <co-chair> And please let's not shut threads down before they've run their course. </co-chair> -MSK
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
