Murray S. Kucherawy writes: > I agree, mostly. I wasn't advocating for cracking open the entire > specification. Assuming we go this path (rather than bolting down > DKIM-Delegate's problems somehow),
Once you put the token signature in the DKIM-Delegate field itself (a process we already do for DKIM-Signature, which implicitly MUST sign itself), I don't see any problems that don't apply equally to this proposal. Except lack of generality, if you consider that a problem. John's proposal is more general, but generality is a two-edged sword. This particular generality worries me. As I understand it, conditions become a registry matter, not an RFC matter. I fear the proliferation of conditions that nobody will implement, or worse similar conditions with slightly different semantics that somebody prefers to existing registered conditions. So I'm firmly in favor of a new specialized header field. I realize that means support in verifiers will probably need to be maintained for decades, but I'd rather seen the need for generality before opening Pandora's Box. _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc