It appears that Alessandro Vesely <ves...@tana.it> said: >On Wed 16/Apr/2025 21:04:27 +0200 Richard Clayton wrote: >> In message <bb288a78-c7b4-4455-b9d5-fbc2e73d8...@fahq2.com>, Larry M. Smith >> <ietf....@fahq2.com> writes >> >>>Experience has shown that threat actors are willing to go to great >>>lengths to have access to a large pool of resources to abuse and then >>>rapidly discard.[1] Knowing what object to apply poor reputation to for >>>the last event often doesn't help for future ones. >> >> Indeed so, but reputation systems (because once again to state the >> obvious, protocols cannot prevent bad email, but they can provide tools >> for handling it efficiently) may take the view that a brand-new identity >> that has acted as an intermediary to alter some email is not especially >> trustworthy... > >This position leads to ARC-style authentication, where one must trust that the >changes are benign. > >DKIM2 has change tracking. Can't we tell whether a change is evil or not?
Um, I think RFC 3514 applies here. R's, John _______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
