I don't believe it's that complex, and I do believe it's worth the effort in
exchange for being able to tell with certainty which entity (by signature;
which DNS domain) is responsible for creating each part of a message. You can
then attribute parts of the text to different entities - the origi
Regarding the question of "is this DKIMbis or something bigger"? It's
something bigger than just tweaks to DKIM.
The choice of the name "DKIM2" is partially branding, and partially because it
re-uses the existing DNS entries for DKIM keys and large parts of the signing
infrastructure.
So ther
The problem statement document is already quite comprehensive:
https://datatracker.ietf.org/doc/draft-gondwana-dkim2-motivation/
The broad shape has had months of thought and design already by engineers from
some of the largest email handlers on the planet - but it needs broader input
and polis
Hi Dave,
Sorry for the delay in replying to this - I've been traveling back from IETF in
Dublin. Thanks for this very detailed review!
I think there are three key significant issues that you've raised here:
* whether this is DKIMbis or a broader thing
* the timeliness of bringing this work to I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In message ,
Laura Atkins writes
>Now, it was, so it was fine. But it does suggest that anyone can
>create a Quickbooks account to impersonate my company. Because
>Quickbooks sends from their own domain, it’s all DMARC passing
>mai
> On 16 Nov 2024, at 10:39, Alessandro Vesely wrote:
>
> On 15/11/2024 20:13, Dave Crocker wrote:
>> On 11/15/2024 10:55 AM, Alessandro Vesely wrote:
>>> On 13/11/2024 21:14, Dave Crocker wrote:
While 'indirect' has well-established context in many email technical
circles, I believe
