On Wednesday, March 22, 2023 8:21:55 PM EDT Dave Crocker wrote: > My understanding is that the term DKI MReplay Attack refers to a very > specific scenario. > > The scenario is re-posting a message such that the original DKIM > signature remains valid. > > Any other sort of re-posting does not qualify, under this definition. > > So, for example, anything depending on 're-signing' is not a DKIM Replay > Attack. > > Yes?
That's my understanding, however that scenario also describes a normal mailing list if it doesn't make modifications that break an existing DKIM signature or any kind of forwarding with similar characteristics. Scott K _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim