On Fri 11/Aug/2023 00:33:46 +0200 Steffen Nurpmeso wrote:
Murray S. Kucherawy wrote in
<CAL0qLwaLuNbwbnB4NLrMbqxP=qdisrvnxvprjf8p+dkgjtw...@mail.gmail.com>:
On Wed, Aug 9, 2023 at 3:14 PM Steffen Nurpmeso <stef...@sdaoden.eu> wrote:
And couldn't it become standardized that verification results then
must be included in future DKIM signatures?
So then a verifier inserts a RFC 7001 header, and that will be
covered by a further DKIM signature.
Aren't you basically describing ARC here?
I am only talking DKIM.
If you DKIM sign a message and have an authentication result
(made) available (yourself), anything but not including it in your
own signature seems senseless.
Indeed, including and signing Authentication-Results is one of the two relevant
differences between DKIM and ARC. The other is chaining existing signatures.
I don't think considering DKIM plus A-R, that is ARC minus chaining makes any
sense at this point.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
