On Tue, 18 Aug 2015, Marco d'Itri wrote: > On Aug 18, Debian Bug Tracking System <[email protected]> wrote: > > > After a bunch of discussions with several dkim experts we decided that > > signing outgoing mails is not a good idea. Therefore we will reject this > > bug, > > please reopen if you disagree. > Can you explain the rationale? There were comments like: that would lead to dkim stapling. "No one uses DKIM stapling.". I am not sure what will happening if you use DKIM stapling and so on.
At least that conviced us that it is not worth the work. What we will do is checking DKIM for p=reject domains and rejecting them if they are invalid. With my latest changes we will also not destroy DKIM sigs anymore. In my eyes that should be enough. Hope that helps Alex
pgpkTdwEvZEJU.pgp
Description: PGP signature
