On Sat, 11 Dec 2021, Sebastian Nielsen via mailop wrote:
The idea is as follows:
An DKIM-compliant sender, can choose to include a QR-code in the email, as a
picture. How this QR-code is generated on the sender's side (either by
unique ID that loads the whole QR from a database, or by embedding the whole
DKIM signature inside the src= of the image and then have server to generate
the QR, or simply attaching the QR code to the email as a inline attachment)
is up to the sender.
... ...
And now to why this would be useful:
An receiver of an email, could then scan the QR code with his mobile phone,
and the mobile app would do the validation against public DNS. This, if this
would become a standard, could be even implemented built-in in phones.
... ...
This allows a user, to be able to DKIM validate an email EVEN if the
receiving system has no support for DKIM validation at all, neither the
client or receiving mail server. This would increase trust for email, as
users that suspect an email with an embedded link is phishing, could easily
scan the QR code with his mobile phone, and instantly know the email is
legit.
How does the phone app get access to the message to confirm that the
QR-encoded signature matches the message ?
Best regards, Sebastian Nielsen
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
