Steffen Nurpmeso wrote in <20230809214100.nzjxy%stef...@sdaoden.eu>: |Steffen Nurpmeso wrote in | <20230809211602.8mpmd%stef...@sdaoden.eu>: ||Steffen Nurpmeso wrote in || <20230809205628.ua41r%stef...@sdaoden.eu>: |||Murray S. Kucherawy wrote in ||| <cal0qlwyjf2wyz4jbdtfptkoghpaf7gpykkcnnvhoqekv_sv...@mail.gmail.com>: ||||On Wed, Aug 9, 2023 at 9:07 AM Steffen Nurpmeso <stef...@sdaoden.eu> \ ||||wrote: | ... ||I mean, of course DKIM could go further and encrypt those ...
And couldn't it become standardized that verification results then must be included in future DKIM signatures? So then a verifier inserts a RFC 7001 header, and that will be covered by a further DKIM signature. And when a mailing-list or so changes fields, it could create a "DKIM-Backup: h1=b1, h2=b2, .." where b1 could be base64 encoded (gzip compressed), so that the original values could be restored. It should be straightforward and easy to handle this for the few headers like Subject:,From:,Sender: and not much more to come which are normally the culprit of problems. And that to be included in a further DKIM signature. A DKIM verifier can then restore the original content and verify it accordingly. This all not today, but the road is not that long and winding. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim