On 11/20/2022 1:12 PM, Steve Atkins wrote:
On 20 Nov 2022, at 20:48, Dave Crocker <d...@dcrocker.net> wrote:
Remembering that you kicked this off with a heuristic approach, I'm merely
noting that a BCC with an addressee listed in it should be just as valid (to
the heuristic) as having it occur in To: or CC:. And since you don't agree, I
am not at all understanding the basis.
It’s a reasonable heuristic if Bcc is included in the DKIM signature, I just
don’t think including Bcc in the DKIM signature is a good idea.
Including Bcc: in the signature is a given, for this topic.
Handling of Bcc is not terribly well-defined, particularly for forwarders
(which will sometimes strip it, and sometimes
I have no idea what 'handling' you have in mind. To: and CC: do not get
'handled' except during a Reply process.
As for 'forwarders', I'm not sure what you mean. Certainly not MTA.
That leaves post-delivery behavior, with re-posting, which is entirely
outside the scope DKIM.
As far as delivery to the recipient is concerned it’s a reasonable argument
that this only applies to messages where the recipient is not in the To or Cc
header, so signing the Bcc header is going to be no worse, and may even be
better in the rare case where the Bcc header includes the 821 recipient, and
each individual message to each Bcc recipient is signed.
Sorry I wasn't clear. The premise is that the address in the BCC is a
recipient, listed in an envelope address.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@dcrocker@mastodon.social
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
