On Tue, Dec 6, 2022 at 4:20 PM Dave Crocker <dcroc...@bbiw.net> wrote:
> DKIM was developed to facilitate delivery handling decisions. The > language in the RFC 4871 and RFC 6376 doesn't make this as explicit as I'd > wish, given the perspective I'm advocating, but it's got some implicating > language. References to validation by MTAs or MDAs obviously has to do > with transit or delivery, and not after. Reference to MUAs might imply > long-term term. Or not. Certainly there is no discussion about long-term > use of the signature. > Yes, it's definitely true that the standard was written from the perspective of delivery-time evaluation, and then sending that result to MUAs rather than having MUAs actually do the evaluation. So although 4686 says that's a design goal, 6376 sure doesn't have that flavor. I don't see either RFC clearly "disagreeing" with the view that DKIM is for > transit-related work. That's contrary to Murray's assessment. But again, > the RFC doesn't make that limitation clear (enough, IMO), either. > Right, I think that's what I'm driving at. And because of this, we can't take "transit-time" as a given. It is absolutely within the purview of the reconstituted WG to "fix" this by clarifying using current operational realities and acquired experience. An applicability statement, for instance, would not be out of the question. -MSK
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
