On Thu 23/Mar/2023 01:21:55 +0100 Dave Crocker wrote:
My understanding is that the term DKI MReplay Attack refers to a very specific
scenario.
The scenario is re-posting a message such that the original DKIM signature
remains valid.
Any other sort of re-posting does not qualify, under this definition.
And this is the problem we're dealing with. IOW, it's the PS.
So, for example, anything depending on 're-signing' is not a DKIM Replay Attack.
Yes?
Right, except that re-signing can be (part of) a solution to the problem.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
