On Sun 06/Apr/2025 20:56:35 +0200 Dave Crocker wrote:
The goals for the new effort are for a very different set of services. There
is nothing wrong with wanting those services, but really, they are not DKIM.
The semantics of the new effort really are orthogonal to DKIM. (And that is
one of the reaon the technical errors in the Motivation draft demonstrate a
fundamental misunderstanding, rather than being minor distractions.)
One of the reasons a new effort should adopt a different name is to help people
understand that the new effort is for something entirely different from what
DKIM intended to do.
AIUI, countering replay is a major semantic difference. DKIM bears the concept
of identifying a domain responsible for a message regardless of which hops
forwarded the message. It overcame SPF in this regard. However, replay is a
trouble for freemail providers, as it prevents them from controlling the spread
of a message. As it turns out, spread can be controlled by tweaking a few
technical knobs of DKIM. The result, of course, is something different.
Although different, DKIM2 shares a huge amount of concepts developed alongside
DKIM, from the tag=value specification, to underscored domains and key
distribution, to hashing and signing. The latter, signing, seems to be the
most widely known feature of DKIM. "If you see DKIM-Signature: don't
autoconvert." It has had a significant impact on the email ecosystem. It is
from this point of view that DKIM and DKIM2 are two of a kind.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org
