On Mon 14/Apr/2025 19:01:35 +0200 Wei Chuang wrote:
Instead I think we need a better way that can describe the originator, when a message was forwarded and when a participant tries to spoof the forwarding description. DKIM2 does this. With that we can more easily see abusive scenarios like replay where some message intended for one recipient was sent to many others in an inauthentic way.
Why didn't the practice of signing by user name, as in i=john....@example.com, catch on? Would personal responsibility have played a role? Will it now?
Best Ale -- _______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
